Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Are being run under another UID.
- security.bsd.see_other_gids=0
- security.bsd.see_other_uids=0
- kern.ps_showallprocs=0
- kern.ipc.maxsockbuf=4000000
- # Enable stack protecttion
- kern.elf32.nxstack=1
- kern.elf64.nxstack=1
- # IP security options
- net.inet.ip.redirect=0
- net.inet.ip.sourceroute=0
- net.inet.ip.accept_sourceroute=0
- net.inet.ip.random_id=1
- net.inet.ip.portrange.first=9981
- net.inet.ip.ttl=128
- # TCP Security options
- net.inet.tcp.sendspace=32768
- net.inet.tcp.recvspace=32768
- net.inet.tcp.sendbuf_max=16777216
- net.inet.tcp.recvbuf_max=16777216
- net.inet.tcp.path_mtu_discovery=0
- net.inet.tcp.blackhole=2
- net.inet.tcp.drop_synfin=1
- # ICMP Security options
- net.inet.icmp.drop_redirect=1
- net.inet.icmp.maskrepl=0
- # UDP Security options
- net.inet.udp.recvbuf_max=16777216
- net.inet.udp.blackhole=1
- # Disable TSO in all interfaces
- net.inet.tcp.tso=0
Add Comment
Please, Sign In to add comment