/etc/sysctl.conf – nixCraft

How to prevent unprivileged users from viewing dmesg command output on Linux

June 10, 2017June 13, 2017in CentOS, Debian / Ubuntu, Linux, RedHat and Friends, Security, Suse last updated June 13, 2017

I want to restrict both normal users and root user inside LXD container “hypervisor” from viewing and using dmesg command output. How do I prevent non-root (unprivileged) Linux users from viewing the Linux kernel’s log buffer?

How to reload sysctl.conf variables on Linux

February 8, 2016in BASH Shell, CentOS, Debian / Ubuntu, Linux, Troubleshooting last updated February 8, 2016

I am new Linux system user. How do I reload all sysctl variables without rebooting my server?

Linux: Log Suspicious Martian Packets / Un-routable Source Addresses

February 19, 2014February 19, 2014in Linux, Networking, Security last updated February 19, 2014

I run a web-server and I would like to log packets with un-routable source addresses on Linux operating system. How can I log spoofed packets on Debian / Ubuntu / CentOS / RHEL / Linux based server? How can I log a Martian packet (packet from Mars) on Linux operating systems?

Ubuntu Linux: Turn On Exec-Shield Buffer Overflow Protection

May 19, 2013June 4, 2013in Security, Ubuntu Linux last updated June 4, 2013

I am trying to set exec-shield protection on Linux as described here but getting the following error on Ubuntu Linux server version 12.04 LTS:

sysctl -w kernel.exec-shield=1
error: “kernel.exec-shield” is an unknown key

How do I fix this problem and make sure exec-shield buffer overflow protection security feature turned on Ubuntu Linux?

Linux: Turn On TCP SYN Cookie Protection

April 14, 2013in Linux, Networking, Security last updated April 14, 2013

I am under DoS attack. My cloud based server hosting company asked me to enable TCP SYN cookie protection to save my domain from SYN Attack. How do I turn on TCP Syn cookie protection under Ubuntu or CentOS Linux based server?

Linux: Force Close A Socket / Port On Server In a TIME_WAIT State

April 9, 2013March 10, 2014in Linux, Networking, Troubleshooting last updated March 10, 2014

I run a BT client and few other server program on Linux. Sometime these programs get overloaded with too many connections and crashes. If I restart my apps, I see lots of old IPs in a TIME_WAIT state. How do I force and and close everything in a TIME_WAIT state under Linux operating systems?

FreeBSD: Allow Normal Users To Mount CDROMs / DVDs / USB Devices

November 5, 2012in FreeBSD last updated November 5, 2012

How do I allow any ordinary users (such as my son or wife) to mount CD-ROMs, DVDs, USB drives, and other removable media on our home server powered by FreeBSD operating systems?