From 445824fef2d18ee0aab485a870329d63ccc006da Mon Sep 17 00:00:00 2001 From: Samson-W Date: Thu, 8 Aug 2019 05:33:23 +0800 Subject: [PATCH] Modified 7.1.1~7.2.3 to be compatible with CentOS. --- bin/hardening/7.1.1_disable_ip_forwarding.sh | 2 +- bin/hardening/7.1.2_disable_send_packet_redirects.sh | 2 +- bin/hardening/7.1.3_disable_interface_promisc_mode.sh | 2 +- bin/hardening/7.2.1_disable_source_routed_packets.sh | 2 +- bin/hardening/7.2.2_disable_icmp_redirect.sh | 2 +- bin/hardening/7.2.3_disable_secure_icmp_redirect.sh | 4 ++-- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/bin/hardening/7.1.1_disable_ip_forwarding.sh b/bin/hardening/7.1.1_disable_ip_forwarding.sh index bc058fe..bd281f0 100755 --- a/bin/hardening/7.1.1_disable_ip_forwarding.sh +++ b/bin/hardening/7.1.1_disable_ip_forwarding.sh @@ -1,7 +1,7 @@ #!/bin/bash # -# harbian audit 7/8/9 Hardening +# harbian audit 7/8/9/10 or CentOS Hardening # # diff --git a/bin/hardening/7.1.2_disable_send_packet_redirects.sh b/bin/hardening/7.1.2_disable_send_packet_redirects.sh index bbde757..5ca8a36 100755 --- a/bin/hardening/7.1.2_disable_send_packet_redirects.sh +++ b/bin/hardening/7.1.2_disable_send_packet_redirects.sh @@ -1,7 +1,7 @@ #!/bin/bash # -# harbian audit 7/8/9 Hardening +# harbian audit 7/8/9/10 or CentOS Hardening # # diff --git a/bin/hardening/7.1.3_disable_interface_promisc_mode.sh b/bin/hardening/7.1.3_disable_interface_promisc_mode.sh index 0b7d311..93d0264 100755 --- a/bin/hardening/7.1.3_disable_interface_promisc_mode.sh +++ b/bin/hardening/7.1.3_disable_interface_promisc_mode.sh @@ -1,7 +1,7 @@ #!/bin/bash # -# harbian audit 7/8/9 Hardening +# harbian audit 7/8/9/10 or CentOS Hardening # # diff --git a/bin/hardening/7.2.1_disable_source_routed_packets.sh b/bin/hardening/7.2.1_disable_source_routed_packets.sh index 9f335dc..894c9c7 100755 --- a/bin/hardening/7.2.1_disable_source_routed_packets.sh +++ b/bin/hardening/7.2.1_disable_source_routed_packets.sh @@ -1,7 +1,7 @@ #!/bin/bash # -# harbian audit 7/8/9 Hardening +# harbian audit 7/8/9/10 or CentOS Hardening # # diff --git a/bin/hardening/7.2.2_disable_icmp_redirect.sh b/bin/hardening/7.2.2_disable_icmp_redirect.sh index 851362f..fb32b47 100755 --- a/bin/hardening/7.2.2_disable_icmp_redirect.sh +++ b/bin/hardening/7.2.2_disable_icmp_redirect.sh @@ -1,7 +1,7 @@ #!/bin/bash # -# harbian audit 7/8/9 Hardening +# harbian audit 7/8/9/10 or CentOS Hardening # # diff --git a/bin/hardening/7.2.3_disable_secure_icmp_redirect.sh b/bin/hardening/7.2.3_disable_secure_icmp_redirect.sh index 58c0bd3..818717b 100755 --- a/bin/hardening/7.2.3_disable_secure_icmp_redirect.sh +++ b/bin/hardening/7.2.3_disable_secure_icmp_redirect.sh @@ -1,7 +1,7 @@ #!/bin/bash # -# harbian audit 7/8/9 Hardening +# harbian audit 7/8/9/10 or CentOS Hardening # # @@ -13,7 +13,7 @@ set -u # One variable unset, it's over HARDENING_LEVEL=2 -SYSCTL_PARAMS='net.ipv4.conf.all.secure_redirects=0 net.ipv4.conf.default.secure_redirects=0' +SYSCTL_PARAMS='net.ipv4.conf.all.secure_redirects=1 net.ipv4.conf.default.secure_redirects=1' # This function will be called if the script status is on enabled / audit mode audit () {