Patrick Schleizer 2019-10-18 10:39:19 +00:00
parent 957deac5cb
commit 2613525b94
No known key found for this signature in database
GPG Key ID: CB8D50BB77BB3C48

@ -25,8 +25,9 @@ very useful for kernel exploits.
* The TCP/IP stack is hardened by disabling ICMP redirect acceptance, * The TCP/IP stack is hardened by disabling ICMP redirect acceptance,
ICMP redirect sending and source routing to prevent man-in-the-middle attacks, ICMP redirect sending and source routing to prevent man-in-the-middle attacks,
ignoring all ICMP requests, enabling TCP syncookies to prevent SYN flood attacks ignoring all ICMP requests, enabling TCP syncookies to prevent SYN flood
and enabling RFC1337 to protect against time-wait assassination attacks. attacks and enabling RFC1337 to protect against time-wait assassination
attacks.
* Some data spoofing attacks are made harder. * Some data spoofing attacks are made harder.
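Review bot: in the TCP/IP stack bullet, the rewrapped sentence still chains five measures together, and "ignoring all ICMP requests" has no stated purpose of its own: it sits between the man-in-the-middle clause and the SYN flood clause without saying what it protects against. Since the line breaks are being touched anyway, consider splitting the bullet into one sub-item per measure, each with its rationale, for example "ICMP redirect acceptance, ICMP redirect sending and source routing are disabled to prevent man-in-the-middle attacks". The change itself only moves words between lines, so the wording is unchanged and no behaviour is affected.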
@ -44,7 +45,8 @@ on uncorrectable errors in ECC memory that could be exploited.
* Kernel Page Table Isolation is enabled to mitigate Meltdown and increase * Kernel Page Table Isolation is enabled to mitigate Meltdown and increase
KASLR effectiveness. KASLR effectiveness.
* SMT is disabled as it can be used to exploit the MDS and other vulnerabilities. * SMT is disabled as it can be used to exploit the MDS and other
vulnerabilities.
* All mitigations for the MDS vulnerability are enabled. * All mitigations for the MDS vulnerability are enabled.
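Review bot: "the MDS and other vulnerabilities" in the SMT bullet is too vague for a hardening README, and the rewrap is a good moment to name the other vulnerabilities or link to a reference so readers can judge the trade-off on their hardware. The next bullet ("All mitigations for the MDS vulnerability are enabled") overlaps with this one, so it would help to say there whether disabling SMT counts as one of those mitigations or is a separate measure.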