Hi
So after reading this, I felt I should apply the fix to a CentOS6 VPS that I have. http://www.zdnet.com/article/linux-tcp-flaw-lets-anyone-hijack-internet-traf...
The article doesn't talk about CentOS or Red Hat, but I assume the problem is the same, and I am hoping the solution is the same. However, that doesn't seem to be the case.
[root@vps ~]# uname -r
2.6.32-042stab108.7
[root@vps ~]# sysctl -a | grep ack_limit
net.ipv4.tcp_challenge_ack_limit = 100
[root@vps ~]# vi /etc/sysctl.conf
Append net.ipv4.tcp_challenge_ack_limit = 999999999 to end of file
[root@vps ~]# sysctl -p
net.ipv4.ip_forward = 0
net.ipv4.tcp_syncookies = 1
error: permission denied on key 'net.bridge.bridge-nf-call-ip6tables'
error: permission denied on key 'net.bridge.bridge-nf-call-iptables'
error: permission denied on key 'net.bridge.bridge-nf-call-arptables'
error: permission denied on key 'net.ipv4.tcp_challenge_ack_limit'
[root@vps ~]# sysctl -a | grep ack_limit
net.ipv4.tcp_challenge_ack_limit = 100
Am I getting a permission denied because there is a different solution, or because the problem doesn't apply to our VPS, or for some other reason?
Regards
Andrew Dent
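
A check for the situation shown in the post, where sysctl.conf requests a value but the running kernel still reports the old one. This is an added example, not part of the original post; the function names, the PROC_SYS override and the demo directory tree are assumptions constructed for illustration.

```sh
#!/bin/sh
# Verify that a value requested in sysctl.conf is what the kernel reports.
# Assumed for illustration: function names and the PROC_SYS override.
PROC_SYS="${PROC_SYS:-/proc/sys}"

# conf_value FILE KEY: print the last value assigned to KEY (later lines win).
conf_value() {
    awk -v key="$2" '
        /^[ \t]*[#;]/ { next }                      # comment lines
        { eq = index($0, "="); if (eq == 0) next
          k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
          gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
          if (k == key) val = v }
        END { if (val != "") print val }' "$1"
}

# runtime_value KEY: print the live value (net.ipv4.x -> $PROC_SYS/net/ipv4/x).
runtime_value() {
    path="$PROC_SYS/$(printf '%s' "$1" | tr . /)"
    [ -r "$path" ] && cat "$path"
}

# check_sysctl FILE KEY: 0 = in effect, 1 = mismatch, 2 = unreadable, 3 = not configured.
check_sysctl() {
    want=$(conf_value "$1" "$2")
    have=$(runtime_value "$2") || { echo "UNKNOWN $2: no readable runtime value"; return 2; }
    [ -n "$want" ] || { echo "UNSET $2: no entry in $1, runtime $have"; return 3; }
    if [ "$want" = "$have" ]; then
        echo "OK $2 = $have"
    else
        echo "MISMATCH $2: configured $want, runtime $have"
        return 1
    fi
}

# Constructed demo mirroring the post: the file asks for 999999999 while the
# kernel still reports 100.
demo() {
    d=$(mktemp -d)
    mkdir -p "$d/proc/net/ipv4"
    echo 100 > "$d/proc/net/ipv4/tcp_challenge_ack_limit"
    printf '%s\n' 'net.ipv4.tcp_syncookies = 1' \
        'net.ipv4.tcp_challenge_ack_limit = 999999999' > "$d/sysctl.conf"
    rc=0
    ( PROC_SYS="$d/proc"; check_sysctl "$d/sysctl.conf" net.ipv4.tcp_challenge_ack_limit ) || rc=$?
    rm -rf "$d"
    return "$rc"
}

demo || echo "the configured value is not in effect"
```

On a live system, call `check_sysctl /etc/sysctl.conf net.ipv4.tcp_challenge_ack_limit` after `sysctl -p`; a MISMATCH result means the write did not take effect.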