On Sat, Oct 26, 2013 at 7:58 PM, Ralf Mardorf <ralf.mard...@alice-dsl.net> wrote: > On Sat, 2013-10-26 at 21:37 +0200, Roland RoLaNd wrote: >> >> I'm reading up on how to harden debian. >> i just checked /etc/sysctl.conf and noticed that everything is >> commented out. >> do that mean they're running as defaults or none of what exists in >> this file is implemented? > > What do you expect? > > I'm using another distro that switched. > > ls /etc/sysctl* > /etc/sysctl.conf.pacnew /etc/sysctl.conf.pacsave > > /etc/sysctl.d: > > blah > > To my surprise, there where unusual settings in /etc/sysctl.conf, I > dropped them during the transition. > > What exactly should be not commented out by default? > > For the distro I'm using there only is > > net.ipv4.tcp_syncookies = 1 > net.ipv4.ip_forward = 0 > net.ipv6.conf.all.forwarding = 0 > > by default. I had much more in my /etc/sysctl.conf, caused by what ever > package, but not by me and after I dropped those settings, nothing evil > happened.
You might want to check "/usr/lib/sysctl.d/" on your "other distro." :) Debian has "/lib/modprobe.d" so "/lib/sysctl.d" might follow one day... -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAOdo=swib75_kotqan97trttewc4wry_hx0e2w5kyxm69o1...@mail.gmail.com
