From 2613525b945c98c676a919cb4a9d54b90e51cbbf Mon Sep 17 00:00:00 2001 From: Patrick Schleizer Date: Fri, 18 Oct 2019 10:39:19 +0000 Subject: [PATCH] readme --- README.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index f72f865..3f0cbec 100644 --- a/README.md +++ b/README.md @@ -25,8 +25,9 @@ very useful for kernel exploits. * The TCP/IP stack is hardened by disabling ICMP redirect acceptance, ICMP redirect sending and source routing to prevent man-in-the-middle attacks, -ignoring all ICMP requests, enabling TCP syncookies to prevent SYN flood attacks -and enabling RFC1337 to protect against time-wait assassination attacks. +ignoring all ICMP requests, enabling TCP syncookies to prevent SYN flood +attacks and enabling RFC1337 to protect against time-wait assassination +attacks. * Some data spoofing attacks are made harder. @@ -44,7 +45,8 @@ on uncorrectable errors in ECC memory that could be exploited. * Kernel Page Table Isolation is enabled to mitigate Meltdown and increase KASLR effectiveness. -* SMT is disabled as it can be used to exploit the MDS and other vulnerabilities. +* SMT is disabled as it can be used to exploit the MDS and other +vulnerabilities. * All mitigations for the MDS vulnerability are enabled.