Many IT people (myself included) take their cars for granted. I don't mean that IT pros drive junkers. In fact, some of my colleagues drive fancy cars. In my case, I require only that my car get me from point A to point B, and my upkeep consists of taking it to a mechanic when necessary.
Cars and operating systems have very little in common on the surface, yet some of the same overall rules apply to both. To perform to their potential, operating systems and cars need fine-tuning.
The default settings for most operating systems, including Microsoft Windows and UNIX, are very general. While these settings are sufficient for handling a variety of tasks, problems can occur if your OS isn't configured to handle Internet application specifics. If you're operating on a busy Internet server, for example, OS limits can cause poor performance and sporadic system crashes, and disable services on the host.
Some companies make the mistake of confusing system crashes and poor performance with denial of service (DoS) attacks. For example, using default TCP/IP settings on a firewall host often results in unacceptable performance and periodic outages. Some TCP/IP default settings may even make the firewall itself vulnerable.
The trouble with fine-tuning operating systems is that many of the settings are interrelated, and altering TCP/IP settings without a purpose can lead to bigger problems.
You can safely adjust a number of settings in the TCP/IP stacks in operating systems. Some of the tweaks you can make include setting timeouts for socket operations, processing of Internet Control Message Protocol (ICMP) packets, and forwarding of IP packets. There are also OS settings that can affect the overall system performance, such as memory allocation and swap space.
The goal of tuning an OS is to optimize the system for specific tasks. This often requires changing several settings at once and monitoring performance. OS tuning to improve Internet services usually centers on adjusting TCP/IP settings for TCP "socket" operations. Depending on the OS, the number of open sockets available for use is limited. When a server reaches that limit, it may refuse new TCP connections. (This is how DoS attacks overwhelm and disable Internet services with service requests.) The challenge is determining whether a problem with an Internet service is a real attack or just an improperly configured OS.
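As an added illustration (not from the original article), the sketch below shows one way to approach that question on a Linux host: summarize a socket listing in the column layout of `ss -tan` and check whether pressure on the socket limit looks like ordinary load or like a flood. The sample listing is constructed, and `socket_limit` and the three thresholds are hypothetical values chosen for the example.

```python
from collections import Counter

# Constructed sample in the column layout of `ss -tan` (not captured from a real host).
SAMPLE = """\
State     Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN    0      128    0.0.0.0:80          0.0.0.0:*
ESTAB     0      0      192.0.2.10:80       198.51.100.7:51512
ESTAB     0      0      192.0.2.10:80       198.51.100.8:40022
TIME-WAIT 0      0      192.0.2.10:80       198.51.100.9:40100
ESTAB     0      0      192.0.2.10:80       203.0.113.5:33010
TIME-WAIT 0      0      192.0.2.10:80       203.0.113.6:33011
ESTAB     0      0      192.0.2.10:80       203.0.113.7:33012
"""

def parse(text):
    """Return (state, peer_ip) for every non-listening socket in the listing."""
    rows = []
    for line in text.splitlines()[1:]:          # skip the header row
        f = line.split()
        if len(f) >= 5 and f[0] != "LISTEN":
            rows.append((f[0], f[4].rsplit(":", 1)[0]))  # drop the peer port
    return rows

def triage(rows, socket_limit, near=0.8, half_open=0.5, one_peer=0.5):
    """Classify socket pressure. All thresholds are illustrative assumptions."""
    total = len(rows)
    if total == 0 or total < near * socket_limit:
        return "ok"
    states = Counter(state for state, _ in rows)
    peers = Counter(peer for _, peer in rows)
    # Mostly half-open connections: handshakes are being started but not completed.
    if states["SYN-RECV"] / total >= half_open:
        return "suspect-flood: half-open connections dominate"
    # A single remote address holding most of the sockets.
    if peers.most_common(1)[0][1] / total >= one_peer:
        return "suspect-abuse: one peer holds most sockets"
    # Many distinct peers with completed connections: the limit is simply too low.
    return "tuning: legitimate-looking load is near the limit"

if __name__ == "__main__":
    print(triage(parse(SAMPLE), socket_limit=7))
```

A result of "tuning" points toward raising limits or shortening timeouts, while either "suspect" result is a reason to look at the traffic itself before changing any OS settings.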
There are droves of resources available that go into more detail about this subject. Internet software companies regularly provide documentation on recommended hardware and OS settings for their products. Go to a search engine and type "Operating system tuning," and dozens of links will appear. Also, having a good understanding of TCP/IP is helpful. I suggest you check out TCP/IP Illustrated, Volumes 1-3, by W. Richard Stevens and Gary R. Wright.