hpr_transcripts/hpr0287.txt

Episode: 287
Title: HPR0287: sysctl
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr0287/hpr0287.mp3
Transcribed: 2025-10-07 15:35:22

---

uh
oh
oh
Hello and welcome to another exciting episode of Hacker Public Radio.
My name is Collette too and I wanted to talk a little bit about a program that I know
a little bit about called CISCTL.
That is S-Y-S-C-T-L.
And if you, the easiest way to, it's a complex command but it's also kind of simple.
I mean in that the man page is just about a screen full and that's about it.
What CISCTL does is it allows you to configure kernel parameters at runtime.
So anything that is being controlled by some kernel parameter or controlled by the kernel
or has been set by the kernel, you can then modify it via CISCTL.
So the easiest way to get an idea of the capabilities of this application is to simply type in CISCTL-A into a terminal.
And that will list a lot of different parameters that are set within your kernel.
Now this will include things like the reading and writing speed of your CD-ROM drive for instance.
This would be the kernel scheduling. This would be Internet IP version 4 and IP version 6 settings.
Just all kinds of things. It will be a very, very long list.
And most of it is, well most of it is way beyond my understanding,
but there are things like debugging, whether debugging for something is on or off, things like that.
The one thing that I really use is for is CISCTL is replying to ping.
So if you want to not reply to a ping, for instance if you're on a public network,
if you're a bit nervous about people snooping around, sniffing out things,
you could be a lot more invisible if you just don't reply to any ping.
CISCTL-A, well let's find the attribute first.
So CISCTL-A will obviously list them all, but then if you pipe it through GREP
and just do a GREP on anything with containing the letters ICMP and hit return.
You get about eight returns on that.
And most of them are the net.ipv4.ICMP group.
And one of them is net.ipv4.ICMP underscore, echo underscore, ignore underscore all, and it's equaling zero.
So that means that this is set right now to not ignore pings.
So if someone's pinging your IP address, you're going to respond to it like a good little computer.
Now to turn that to switch, to flip that switch to where it will ignore them,
you would want to simply put CISCTL-W.
And the W is the flag to say yes and when to change an attribute here.
And then you do net.ipv4.ICMP underscore, echo underscore, ignore underscore all,
equals, there's no spaces here, equals one.
And I got permission denied.
But if I do that as root, now it is set to ignore all the pings.
So if I go to another computer and start pinging this IP address, I will find that this IP address does not seem to exist.
And we could try that out right now in my key.
Hold on.
And yes, it is expected.
My Nokia is attempting to ping.
And there's just no response.
So it's kind of a nice little barrier to have between people pinging you and not responding to them.
Now if not responding to them at all, it's something that maybe you don't need.
You can also slow down your pinging response rate.
I don't really do that, but I understand that it is good for servers because I guess servers could get...
I mean, there's no reason necessarily for a server to respond right away to ping.
And the way to do that is, again, ctl.
And then you're going to need to set a new attribute.
And the attribute you'll want to set is going to be net.ipv4.ICMP underscore echo reply.
That's all one word, echo reply.
underscore rate equals whatever, 30.
So rather than just your computer automatically right away responding to a ping,
it'll be a slower rate of response, which if there's not really much of a reason for people to be pinging you,
that could probably help you out, just not tying up your server quite as much.
So those are the two tricks I know with ctl.
And if you know more about this command, you can certainly do an hacker public radio episode on the subject.
Which would be very interesting.
I just remember that ctl.a lists everything that is set right now.
ctl.w will allow you to change or create a new key in value pair.
And you plug that in and see what happens.
Until next time, thanks for listening.
Thank you for listening to hackers public radio.
hpr is sponsored by caro.net.
So head on over to caro.nc for all of our community.
You
Initial commit: HPR Knowledge Base MCP Server - MCP server with stdio transport for local use - Search episodes, transcripts, hosts, and series - 4,511 episodes with metadata and transcripts - Data loader with in-memory JSON storage 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> 2025-10-26 10:54:13 +00:00			`Episode: 287`
			`Title: HPR0287: sysctl`
			`Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr0287/hpr0287.mp3`
			`Transcribed: 2025-10-07 15:35:22`

			`---`

			`uh`
			`oh`
			`oh`
			`Hello and welcome to another exciting episode of Hacker Public Radio.`
			`My name is Collette too and I wanted to talk a little bit about a program that I know`
			`a little bit about called CISCTL.`
			`That is S-Y-S-C-T-L.`
			`And if you, the easiest way to, it's a complex command but it's also kind of simple.`
			`I mean in that the man page is just about a screen full and that's about it.`
			`What CISCTL does is it allows you to configure kernel parameters at runtime.`
			`So anything that is being controlled by some kernel parameter or controlled by the kernel`
			`or has been set by the kernel, you can then modify it via CISCTL.`
			`So the easiest way to get an idea of the capabilities of this application is to simply type in CISCTL-A into a terminal.`
			`And that will list a lot of different parameters that are set within your kernel.`
			`Now this will include things like the reading and writing speed of your CD-ROM drive for instance.`
			`This would be the kernel scheduling. This would be Internet IP version 4 and IP version 6 settings.`
			`Just all kinds of things. It will be a very, very long list.`
			`And most of it is, well most of it is way beyond my understanding,`
			`but there are things like debugging, whether debugging for something is on or off, things like that.`
			`The one thing that I really use is for is CISCTL is replying to ping.`
			`So if you want to not reply to a ping, for instance if you're on a public network,`
			`if you're a bit nervous about people snooping around, sniffing out things,`
			`you could be a lot more invisible if you just don't reply to any ping.`
			`CISCTL-A, well let's find the attribute first.`
			`So CISCTL-A will obviously list them all, but then if you pipe it through GREP`
			`and just do a GREP on anything with containing the letters ICMP and hit return.`
			`You get about eight returns on that.`
			`And most of them are the net.ipv4.ICMP group.`
			`And one of them is net.ipv4.ICMP underscore, echo underscore, ignore underscore all, and it's equaling zero.`
			`So that means that this is set right now to not ignore pings.`
			`So if someone's pinging your IP address, you're going to respond to it like a good little computer.`
			`Now to turn that to switch, to flip that switch to where it will ignore them,`
			`you would want to simply put CISCTL-W.`
			`And the W is the flag to say yes and when to change an attribute here.`
			`And then you do net.ipv4.ICMP underscore, echo underscore, ignore underscore all,`
			`equals, there's no spaces here, equals one.`
			`And I got permission denied.`
			`But if I do that as root, now it is set to ignore all the pings.`
			`So if I go to another computer and start pinging this IP address, I will find that this IP address does not seem to exist.`
			`And we could try that out right now in my key.`
			`Hold on.`
			`And yes, it is expected.`
			`My Nokia is attempting to ping.`
			`And there's just no response.`
			`So it's kind of a nice little barrier to have between people pinging you and not responding to them.`
			`Now if not responding to them at all, it's something that maybe you don't need.`
			`You can also slow down your pinging response rate.`
			`I don't really do that, but I understand that it is good for servers because I guess servers could get...`
			`I mean, there's no reason necessarily for a server to respond right away to ping.`
			`And the way to do that is, again, ctl.`
			`And then you're going to need to set a new attribute.`
			`And the attribute you'll want to set is going to be net.ipv4.ICMP underscore echo reply.`
			`That's all one word, echo reply.`
			`underscore rate equals whatever, 30.`
			`So rather than just your computer automatically right away responding to a ping,`
			`it'll be a slower rate of response, which if there's not really much of a reason for people to be pinging you,`
			`that could probably help you out, just not tying up your server quite as much.`
			`So those are the two tricks I know with ctl.`
			`And if you know more about this command, you can certainly do an hacker public radio episode on the subject.`
			`Which would be very interesting.`
			`I just remember that ctl.a lists everything that is set right now.`
			`ctl.w will allow you to change or create a new key in value pair.`
			`And you plug that in and see what happens.`
			`Until next time, thanks for listening.`
			`Thank you for listening to hackers public radio.`
			`hpr is sponsored by caro.net.`
			`So head on over to caro.nc for all of our community.`
			`You`