[CentOS] Linux TCP flaw

Fri Aug 12 05:33:10 UTC 2016
Andrew Dent <adent at ctcroydon.com.au>

Hi

So after reading this, felt I should apply the fix to a CentOS6 VPS that 
I have.
http://www.zdnet.com/article/linux-tcp-flaw-lets-anyone-hijack-internet-traffic/

The article doesn't talk about CentOS or Redhat, but I assume the 
problem is the same, and hoping the solution is the same.
However that doesn't seem to be the case.

[root at vps ~]# uname -r
2.6.32-042stab108.7
[root at vps ~]# sysctl -a | grep ack_limit
net.ipv4.tcp_challenge_ack_limit = 100
[root at vps ~]# vi /etc/sysctl.conf
 > Append
 > net.ipv4.tcp_challenge_ack_limit = 999999999
 > to end of file
[root at vps ~]# sysctl -p
net.ipv4.ip_forward = 0
net.ipv4.tcp_syncookies = 1
error: permission denied on key 'net.bridge.bridge-nf-call-ip6tables'
error: permission denied on key 'net.bridge.bridge-nf-call-iptables'
error: permission denied on key 'net.bridge.bridge-nf-call-arptables'
error: permission denied on key 'net.ipv4.tcp_challenge_ack_limit'
[root at vps ~]# sysctl -a | grep ack_limit
net.ipv4.tcp_challenge_ack_limit = 100

Am I getting a permission denied because of there is a different 
solution, or the problem doesn't apply to our VPS or some other reason?

Regards

Andrew Dent