Go to main content

Securing the Network in Oracle® Solaris 11.3

Exit Print View

Updated: April 2019

Tuning the Network

Table 2  Tuning Your Network Task Map
For Instructions
Disable the network routing daemon.
Limits access to systems by would-be network sniffers.
Prevent the dissemination of information about the network topology.
Prevents the broadcast of packets.
Prevents responses to broadcast echo requests and multicast echo requests.
For systems that are gateways to other domains, such as a firewall or a VPN node, turn on strict source and destination multihoming.
Prevents packets that do not have the address of the gateway in their header from moving beyond the gateway.
Prevent DOS attacks by controlling the number of incomplete system connections.
Limits the allowable number of incomplete TCP connections for a TCP listener.
Prevent DOS attacks by controlling the number of permitted incoming connections.
Specifies the default maximum number of pending TCP connections for a TCP listener.
Verify that strong random numbers are generated for initial TCP connections.
Complies with the sequence number generation value specified by RFC 6528.
Prevent ICMP redirection.
Removes indicators of the network topology.
Return network parameters to their secure default values.
Increases security that was reduced by administrative actions.