I am setting up a server using RH 7.1 running 2.4.2.2 kernel. I am in the process of securing the server. According to a book on securing a RH Linux Server, I should disable IP source routing, since it is possible to use for IP spoofing. Seems to me that this should be disabled by default, but it is not. Looking at the file /proc/sys/net/ipv4/conf/default/accept_source_route shows it is enabled. Am I correct that this is enabled in the kernel at time of compile? According to the book it can be disabled in the sysctl.conf file. Seems to me that too much is taken for granted of users, when RH Linux is installed.

Thanks for the help!

Whats your question?? or are you just griping about the install...

Well..., can it be disabled without a re-compile of the kernel? According to the book, though the book was written about Rh 6.x, which I assume is true. Just a fyi or mine posting, though maybe a bit of griping involved. If no other feedback, then I shall proceed down the path that I am following.

Thank You!

What I would do is set up a firewall using iptables that will block anything coming to the external interface that has an internal ip address.

With iptables you can block spoofed packets... it's nice