From HP-UX 11.31 Security Technical Implementation Guide
Part of GEN003601
Associated with IA controls: ECSC-1
Associated with: CCI-000366
To provide some mitigation to TCP Denial of Service (DoS) attacks, the TCP backlog queue sizes must be set to at least 1280 or in accordance with product-specific guidelines.
Check the value of the tcp_syn_rcvd_max parameter. # ndd -get /dev/tcp tcp_syn_rcvd_max If the returned value is less than 1280, this is a finding.
Set the tcp_syn_rcvd_max parameter to 1280. # ndd -set /dev/tcp tcp_syn_rcvd_max 1280 Edit /etc/rc.config.d/nddconf and add/set: TRANSPORT_NAME[x] = tcp NDD_NAME[x] = tcp_syn_rcvd_max NDD_VALUE[x] = 1280
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer