/etc/sysctl.conf HowTo - Linux / Unix Q & A from nixCraft

How to view Linux kernel parameters for currently booted system

last updated December 21, 2018 in CentOS, Debian / Ubuntu, Linux, Suse, Ubuntu Linux

How do I display or view Linux kernel parameters for currently running/booted kernel? How can I see Linux kernel command line parameters?

Linux prevent unprivileged users from viewing dmesg

last updated November 19, 2019 in CentOS, Debian / Ubuntu, Linux, RedHat and Friends, Security, Suse

I want to restrict both normal users and root user inside LXD container “hypervisor” from viewing and using dmesg command output. How do I prevent non-root (unprivileged) Linux users from viewing the Linux kernel’s log buffer? Can Linux prevent unprivileged users from viewing dmesg command output?

How to reload sysctl.conf variables on Linux

last updated February 8, 2016 in BASH Shell, CentOS, Debian / Ubuntu, Linux, Troubleshooting

I am new Linux system user. How do I reload all sysctl variables without rebooting my server?

Linux: Log Suspicious Martian Packets / Un-routable Source Addresses

last updated July 11, 2018 in Linux, Networking, Security

I run a web-server, and I would like to log packets with un-routable source addresses on Linux operating system. How can I log spoofed packets on a Debian, Ubuntu, CentOS/RHEL or any Linux based server? How can I log a Martian packet (packet from Mars) on Linux operating systems?

Ubuntu Linux: Turn On Exec-Shield Buffer Overflow Protection

last updated June 4, 2013 in Security, Ubuntu Linux

I am trying to set exec-shield protection on Linux as described here but getting the following error on Ubuntu Linux server version 12.04 LTS:

sysctl -w kernel.exec-shield=1
error: “kernel.exec-shield” is an unknown key

How do I fix this problem and make sure exec-shield buffer overflow protection security feature turned on Ubuntu Linux?

Linux: Turn On TCP SYN Cookie Protection

last updated April 14, 2013 in Linux, Networking, Security

I am under DoS attack. My cloud based server hosting company asked me to enable TCP SYN cookie protection to save my domain from SYN Attack. How do I turn on TCP Syn cookie protection under Ubuntu or CentOS Linux based server?

Linux: Force Close A Socket / Port On Server In a TIME_WAIT State

last updated March 10, 2014 in Linux, Networking, Troubleshooting

I run a BT client and few other server program on Linux. Sometime these programs get overloaded with too many connections and crashes. If I restart my apps, I see lots of old IPs in a TIME_WAIT state. How do I force and and close everything in a TIME_WAIT state under Linux operating systems?