diff --git a/PKGBUILD b/PKGBUILD
index 456a5b7..8db5646 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -7,7 +7,7 @@ pkgname=(
   luzifer-gui
   luzifer-lenovo-gui
 )
-pkgver=0.11.0
+pkgver=0.11.1
 pkgrel=1
 pkgdesc='System configuration for @luzifer systems'
 arch=(any)
diff --git a/base/usr/share/luzifer/base-setup/files/sysctl.conf b/base/usr/share/luzifer/base-setup/files/sysctl.conf
index f186889..0c5830a 100644
--- a/base/usr/share/luzifer/base-setup/files/sysctl.conf
+++ b/base/usr/share/luzifer/base-setup/files/sysctl.conf
@@ -8,3 +8,13 @@ net.ipv4.conf.default.rp_filter = 1
 
 # CNSPEC: Ensure core dumps are restricted
 fs.suid_dumpable = 0
+
+# CNSPEC: Ensure ICMP redirects are not accepted
+net.ipv4.conf.all.accept_redirects = 0
+net.ipv4.conf.default.accept_redirects = 0
+net.ipv6.conf.all.accept_redirects = 0
+net.ipv6.conf.default.accept_redirects = 0
+
+# CNSPEC: Ensure secure ICMP redirects are not accepted
+net.ipv4.conf.all.secure_redirects = 0
+net.ipv4.conf.default.secure_redirects = 0