Sysctl

Sysctl: ipe.success_audit

The sysctl key ipe.success_audit key is used to define if an audit event should be created when using the Linux security module IPE (Integrity Policy Enforcement). Learn about the possible values of this key and their meaning.

Sysctl: ipe.enforce

The sysctl key ipe.enforce key is used to define the mode of the Linux security module IPE (Integrity Policy Enforcement). Learn about the possible values of this key and their meaning.

Ipe

Learn about the sysctl command and the values related to the IPE (Integrity Policy Enforcement) module.

Net

Learn about the sysctl command and the values related to the network class.

Sysctl: net.ipv4.ip_forward

The sysctl key net.ipv4.ip_forward key is used to define IP forwarding of IPv4 network packets. Learn about the possible values of this key and their meaning.

Sysctl: kernel.perf_event_paranoid

Understand and configure the sysctl kernel.perf_event_paranoid key, including the possible values and their meaning.

Sysctl

Learn about the sysctl command and how it can help with kernel tunables to alter the system configuration and perform additional security hardening.

Kernel

Learn about the sysctl command and the values related to the kernel class.

Kernel.tainted

Understand and configure the sysctl kernel.tainted key, including the possible values and their meaning.

Understand and configure core dumps on Linux

When a Linux program or process gets into trouble, it typically crashes and leaves a core dump. Learn what Linux core dumps are and how to configure them.

Linux and ASLR: kernel/randomize_va_space

ASLR protects the Linux kernel and programs against different attacks. It can be tuned with the randomize_va_space setting to provide different protections.

Linux hardening with sysctl settings

The Linux kernel can be secured as well. Learn how system hardening principles can be applied using sysctl settings.

Protect against ptrace of processes: kernel.yama.ptrace_scope

Using the Linux Security Module (LSM) Yama we can protect the system against the usage of ptrace. The sysctl key kernel.yama.ptrace_scope sets the behavior.

Linux kernel security and how to improve it

Every system is as strong as its weakest link, especially the system kernel. This article explains Linux kernel security, what we can do and how to do so.