PowerScale: Health Check Framework Security Evaluation Reports Network Sysctls as Incorrect Configured

INFO: sysctl net.inet.tcp.blackhole should be enabled (set to 1 or 2) to disguise ports without valid sockets from port scanners.

INFO: sysctl net.inet.udp.blackhole should be enabled (set to 1) to disguise ports without valid sockets from port scanners.

INFO: sysctl net.inet.icmp.drop_redirect should be enabled (set to 1) to prevent traffic sniffing and some man-in-the-middle attacks.

INFO: sysctl net.inet.ip.redirect should be disabled (set to 0) to prevent traffic sniffing and some man-in-the-middle attacks.

net.inet.tcp.blackhole

net.inet.udp.blackhole

net.inet.icmp.drop_redirect

net.inet.ip.redirect