View topic - [Security][Hardening] Network configuration

[Security][Hardening] Network configuration

General Help about QNX

[Security][Hardening] Network configuration

Postby St3f » Fri Nov 20, 2020 10:06 am

Hello,

In order to fulfill some hardening constraints, I try to configure some network parameters but didn’t find them in the QNX documentation (related to the “/etc/sysctl.conf” file).

I just wonder if there is any possibility to
• ensure that bogus ICMP responses are ignored. In Linux, the corresponding parameter is “icmp_ignore_bogus_error_responses”.
• Ensure that reverse path filtering is enabled. In Linux, the corresponding parameter is “rp_filter”.

Thanks for your help.
St3f
New Member
 
Posts: 2
Joined: Thu Nov 19, 2020 1:02 pm

Re: [Security][Hardening] Network configuration

Postby maschoen » Fri Nov 27, 2020 6:43 am

Assuming that this is not a currently supported feature, you could create a stack filter that would deal with this, not a project for the faint of heart.
maschoen
QNX Master
 
Posts: 2728
Joined: Wed Jun 25, 2003 5:18 pm


Return to Help

Who is online

Users browsing this forum: No registered users and 1 guest