sysctl.conf
keep away core file cluter
kern.corefile=/tmp/%N.core
make your connections a little more discreet
net.inet.tcp.blackhole=2
net.inet.udp.blackhole=1
net.inet.ip.random_id=1
hardening - option to set these in installer
security.bsd.see_other_uids=0
security.bsd.see_other_gids=0
security.bsd.unprivileged_read_msgbuf=0
security.bsd.unprivileged_proc_debug=0
kern.randompid=1
security.bsd.stack_guard_page=1
rc.conf
enable your firewall
pf_enable="YES"
pf_rules="/etc/pf.conf"
pf_flags=""
pf.conf
basic firewall conf for a general user
pass log all
block in all
pass out all keep state
set skip on lo
Comments
No comments yet. Be the first to react!