diff --git a/etc/sysctl.d/tcp_hardening.conf b/etc/sysctl.d/tcp_hardening.conf
index 0cea4be..e192a8b 100644
--- a/etc/sysctl.d/tcp_hardening.conf
+++ b/etc/sysctl.d/tcp_hardening.conf
@@ -15,5 +15,12 @@ net.ipv6.conf.default.accept_redirects=0
 net.ipv4.conf.all.send_redirects=0
 net.ipv4.conf.default.send_redirects=0
 
-# Ignores ICMP requests
+# Ignores ICMP requests.
 net.ipv4.icmp_echo_ignore_all=1
+
+# Enables TCP syncookies.
+net.ipv4.tcp_syncookies=1
+
+# Disable source routing.
+net.ipv4.conf.all.accept_source_route=0
+net.ipv4.conf.default.accept_source_route=0