ISS 418 Lab 7 and 8
Lab Assessment Questions & Answers
1. What is the command to view the current Linux Kernel parameters?
The command that will allow you to see the Kernel parameters is sysctl –a.
2. What command can you run to list all the kernels available parameters one screen at a time with the ability to move forward and backwards on the output?
The command that would you to do accomplish this would be the less /proc/modules
3. What is the purpose of enabling syncookies in the Linux Kernel?
The purpose of enabling syncookies in the Linux Kernel is to help prevent a type of DoS attack by dropping connection which can lead to additional SYN messages.
4. When you want to enable a Linux Kernel command and enable it immediately without a physical re-boot of the system, what command must you enable in front of the command parameter? Explain what the following command will do : echo “1” > /proc/sys/net/ipv4/ip_forward
The command would enable the kernel along with activating IPv4 forwarding. The system requires a value of either 1 or a 0 with 1 being on and 0 being off. So the command would write the number 1 in the file to activate it. 5. If you wanted to limit the number of files that a user can open simultaneously on the Fedora Core Linux Server to a maximum of 1, what is the command syntax you need to enable in the Linux Kernel?
The command to to limit the number of files that a user can open simultaneously is the sysctl -w fs.file-max=1 command.
6. What is the best way to make a system-wide permanent change to the kernel to enable syncookies?
To do this you would enable on the TCP protocol by editing the following /etc/sysctl.conf file and add the following line: net.ipv4.tcp_syncookies = 1
7. Given a system that has been freshly installed your boss wants you to make sure it is up to date and locked down at the Kernel level. What steps would you take to verify what modules are loaded into the Kernel and how would you go about locking them down?
The
1. What is the command to view the current Linux Kernel parameters?
The command that will allow you to see the Kernel parameters is sysctl –a.
2. What command can you run to list all the kernels available parameters one screen at a time with the ability to move forward and backwards on the output?
The command that would you to do accomplish this would be the less /proc/modules
3. What is the purpose of enabling syncookies in the Linux Kernel?
The purpose of enabling syncookies in the Linux Kernel is to help prevent a type of DoS attack by dropping connection which can lead to additional SYN messages.
4. When you want to enable a Linux Kernel command and enable it immediately without a physical re-boot of the system, what command must you enable in front of the command parameter? Explain what the following command will do : echo “1” > /proc/sys/net/ipv4/ip_forward
The command would enable the kernel along with activating IPv4 forwarding. The system requires a value of either 1 or a 0 with 1 being on and 0 being off. So the command would write the number 1 in the file to activate it. 5. If you wanted to limit the number of files that a user can open simultaneously on the Fedora Core Linux Server to a maximum of 1, what is the command syntax you need to enable in the Linux Kernel?
The command to to limit the number of files that a user can open simultaneously is the sysctl -w fs.file-max=1 command.
6. What is the best way to make a system-wide permanent change to the kernel to enable syncookies?
To do this you would enable on the TCP protocol by editing the following /etc/sysctl.conf file and add the following line: net.ipv4.tcp_syncookies = 1
7. Given a system that has been freshly installed your boss wants you to make sure it is up to date and locked down at the Kernel level. What steps would you take to verify what modules are loaded into the Kernel and how would you go about locking them down?
The