diff --git a/README.md b/README.md
index 8c232ae..e295d80 100644
--- a/README.md
+++ b/README.md
@@ -132,8 +132,8 @@ configuration file and significant hardening is applied to a myriad of component
 
 - Disable TCP timestamps as they can allow detecting the system time.
 
-- Optional - Log packets with impossible source or destination addresses to
-  enable further inspection and analysis.
+- Log packets with impossible source or destination addresses to enable further
+  inspection and analysis.
 
 - Optional - Enable IPv6 Privacy Extensions.
 
diff --git a/usr/lib/sysctl.d/990-security-misc.conf#security-misc-shared b/usr/lib/sysctl.d/990-security-misc.conf#security-misc-shared
index a4914da..d7071b6 100644
--- a/usr/lib/sysctl.d/990-security-misc.conf#security-misc-shared
+++ b/usr/lib/sysctl.d/990-security-misc.conf#security-misc-shared
@@ -576,7 +576,7 @@ net.ipv4.tcp_timestamps=0
 ##
 ## The logging of martian packets is currently disabled.
 ##
-#net.ipv4.conf.*.log_martians=1
+net.ipv4.conf.*.log_martians=1
 
 ## Enable IPv6 Privacy Extensions to prefer temporary addresses over public addresses.
 ## The temporary/privacy address is used as the source for all outgoing traffic.