[Security][Hardening] Network configuration


In order to fulfill some hardening constraints, I try to configure some network parameters but didn’t find them in the QNX documentation (related to the “/etc/sysctl.conf” file).

I just wonder if there is any possibility to
• ensure that bogus ICMP responses are ignored. In Linux, the corresponding parameter is “icmp_ignore_bogus_error_responses”.
• Ensure that reverse path filtering is enabled. In Linux, the corresponding parameter is “rp_filter”.

Thanks for your help.

Assuming that this is not a currently supported feature, you could create a stack filter that would deal with this, not a project for the faint of heart.

Thanks for your answer !