Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-11-27 15:00:32 -05:00
Code Issues Projects Releases Packages Wiki Activity

Make terminology consistent

Browse source
This commit is contained in:
raja-grewal 2025-10-19 01:41:58 +00:00 committed by GitHub
parent f2c3eba4f0
commit 9f7480e20a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 9 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

6
usr/lib/sysctl.d/990-security-misc.conf#security-misc-shared
View file

@ -171,7 +171,7 @@ kernel.perf_event_paranoid=3
## Certain "oopses" can sometimes indicate and thwart potential kernel exploitation attempts.
## Warnings are messages generated by the kernel to indicate unexpected conditions or errors.
## By default, code execution continues regardless of warnings emitted by macros like WARN() and WARN_ON().
## Note that by forcing kernel panics on oopses and warnings, this exposes the system to targeted denial of service attacks.
## Note that by forcing kernel panics on oopses and warnings, this exposes the system to targeted denial-of-service attacks.
##
## https://en.wikipedia.org/wiki/Kernel_panic#Linux
## https://en.wikipedia.org/wiki/Linux_kernel_oops
@ -188,7 +188,7 @@ kernel.perf_event_paranoid=3
#kernel.warn_limit=1
## Force immediate system reboots on the occurrence of a single kernel panic.
## Increases resilience and limits impact of denial of service attacks as system automatically restarts.
## Increases resilience and limits impact of denial-of-service attacks as system automatically restarts.
## Ensures the system does not hang forever if a panic occurs, reducing susceptibility to both cold and warm boot attacks.
## Immediate rebooting also prevents persistent information disclosure on panic details that were dumped to screen.
##
@ -531,7 +531,7 @@ net.ipv6.conf.*.accept_source_route=0
## Do not accept IPv6 router advertisements (RAs) and solicitations.
## RAs are unsecured and unauthenticated and any device on the local link can send and accept them without verification.
## Malicious RAs can activate IPv6 connectivity on dormant hosts leading to unauthorized access.
## Flooding the network with malicious RAs can lead to denial of service attacks.
## Flooding the network with malicious RAs can lead to denial-of-service attacks.
## Rogue RAs can lead to interception of all network traffic by setting the attacker's system as the default gateway.
##
## https://datatracker.ietf.org/doc/html/rfc6104