Red Hat 6.5- sysctl -w net.ipv6.conf.default.accept_redirects=0

Posted by kjbradley on Server Fault See other posts from Server Fault or by kjbradley
Published on 2014-05-27T14:54:42Z Indexed on 2014/05/27 15:28 UTC
Read the original article Hit count: 173

Filed under:

redhat

|

redirect

|

IPv6

|

kickstart

I am in the process of writing a Red Hat 6.5 Kickstart disc with hardened security. I have run a program to determine where the weaknesses are in my system, and apparently there is a medium severity problem by accepting IPV6 redirects.

When I implement the following line in my post script in my kickstart, I can't access any websites externally with wget, or ssh/scp in from my computer.

sysctl -w net.ipv6.conf.default.accept_redirects=0

Is there a workaround to this so that the system will still be hardened but I will be able to access systems that are external?

© Server Fault or respective owner

Related posts about redhat

Invalid configuration `noarch-redhat-linux-gnu': machine `noarch-redhat' not recognized

as seen on Server Fault - Search for 'Server Fault'
When I try to build rpm from src rpm (Apache 2.4.1) I got this error: rpmbuild -tb httpd-2.4.1.tar.bz2 --ba httpd.spec + ./configure --build=x86_64-redhat-linux-gnu --host=x86_64-redhat-linux-gnu --target=noarch-redhat-linux-gnu --program-prefix= --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin… >>> More
`# probe: true` in /etc/rc.d/init.d/* files on a RedHat system

as seen on Server Fault - Search for 'Server Fault'
Some files (e.g. nfs, nfslock, bind) in my /etc/rc.d/init.d/ directory have in their comment header a line such as: # probe: true I found that those particular scripts has the probe verb i.e.: service nfs probe But this is due to the fact that the mentioned scripts has code that deals with the… >>> More
Redhat Software RAID 1 not syncing

as seen on Server Fault - Search for 'Server Fault'
Hey guys, I setup a software RAID 1 on a Redhat server, everything went sweet and it synced the first time. The other day the raid failedover for some reason and the disks hadn't been syncing since that first time, so it went back to 2 weeks ago when we did the first sync. We got the system back… >>> More
Failed to start X server. REDHAT LINUX 5.3

as seen on Super User - Search for 'Super User'
I installed Red-hat 5.3 problem is that it is not showing graphical interface. only kernel / command prompt is available. I tried startx, then I got this msg No video BIOS modes for chosen depth also showing that ERROR: Failed to start X server. What should I do? >>> More
Problems installing Memcache (PECL extension)

as seen on Server Fault - Search for 'Server Fault'
I have installed memcached fine, and now I will need to install PECL extension memcache. Im running RedHat x86_64 es5. The installation gives me this: downloading memcache-2.2.6.tgz ... Starting to download memcache-2.2.6.tgz (35,957 bytes) ..........done: 35,957 bytes 11 source files, building running:… >>> More

Related posts about redirect

ajax redirect dillema, how to get redirect URL OR how to set properties for redirect request

as seen on Stack Overflow - Search for 'Stack Overflow'
First, I'm working in Google Chrome, if that helps. Here is the behavior: I send an xhr request via jquery to a remote site (this is a chrome Extension, and I've set all of the cross-site settings...): $.ajax({ type: "POST", contentType : "text/xml", url: some_url, data: some_xml… >>> More
.htaccess file size causes 500 Internal Server Error

as seen on Pro Webmasters - Search for 'Pro Webmasters'
As soon as my .htaccess goes over approx 8410 bytes, I get a 500 Internal Server Error. I don't think this is due to a bad redirect, as I have experimented with redirects in the .htaccess and then with just text that is commented out #. (no actual commands in the .htaccess file) Is there anything… >>> More
ASP.Net FormsAuthentication Redirect Loses the cookie between Redirect and Application_AuthenticateR

as seen on Stack Overflow - Search for 'Stack Overflow'
I have a FormsAuthentication cookie that is persistent and works independently in a development, test, and production environment. I have a user that can authenticate, the user object is created, the authentication cookie is added to the response: 'Custom object to grab the TLD from the url authCookie… >>> More
How to avoid open-redirect vulnerability and safely redirect on successful login (HINT: ASP.NET MVC

as seen on Stack Overflow - Search for 'Stack Overflow'
Normally, when a site requires that you are logged in before you can access a certain page, you are taken to the login screen and after successfully authenticating yourself, you are redirected back to the originally requested page. This is great for usability - but without careful scrutiny, this feature… >>> More
Redirect with htaccess for images onto another server without redirect looping

as seen on Stack Overflow - Search for 'Stack Overflow'
Hey guys, I currently have a host where my main site is hosted on. I have set up nginx on another server to mirror/cache files being requested if it doesn't have it already, in particular images and flv videos. For example: www.domain.com is my main site. www.domain.com/video/video.flv www.domain… >>> More