Hi Since upgrading to Squeeze, I'm getting these from Tiger:
dolly:/home/linda# tigexp lin014f It is possible to send IP spoofed packets from this machine. Spoofed packets are commonly used by trojans that make use of compromised hosts to deliver denial of service, man in the middle or connection hijacking. You should consider configuring your kernel to not permit this: # sysctl -w net.ipv4.conf.all.rp_filter = 2 and: # sysctl -w net.ipv4.conf.default.rp_filter = 2 dolly:/home/linda# tigexp lin016f Source routing might permit an attacker to send packets through your host (if routing is enabled) to other hosts without following your network topology setup. It should be enabled only under very special circumstances or otherwise an attacker could try to bypass the traffic filtering that is done on the network: # sysctl -w net.ipv4.conf.all.accept_source_route = 0 and: # sysctl -w net.ipv4.conf.default.accept_source_route = 0 dolly:/home/linda# tigexp lin017w Suspicious packets received by the kernel should be logged to detect incoming attacks. To activate this logging capability: # sysctl -w net.ipv4.conf.all.log_martians = 1 and: # sysctl -w net.ipv4.conf.default.log_martians = 1 Could these fixes be included in an update, or do I have to enter them myself? I don't like to edit the kernel because I don't know enough about it. Since I'm not sure it's actually a bug, I'm not reporting it as such. Linda ~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~ Linda Ursin Heksebua Adresse: Tlf: (+47) 402 40 767 Solvang www: http://heksebua.com 7288 Soknedal E-post: li...@heksebua.com Org: NO 995 578 107