diff --git a/easy-arch.sh b/easy-arch.sh
index 5b8ac5a..a962715 100644
--- a/easy-arch.sh
+++ b/easy-arch.sh
@@ -190,6 +190,26 @@ arch-chroot /mnt /bin/bash -e <<EOF
 
 EOF
 
+#Security kernel settings
+sudo bash -c 'cat > /mnt/etc/sysctl.d/51-dmesg-restrict.conf' <<-'EOF'
+kernel.dmesg_restrict = 1
+EOF
+
+sudo bash -c 'cat > /mnt/etc/sysctl.d/51-kptr-restrict.conf' <<-'EOF'
+kernel.kptr_restrict = 2
+EOF
+
+sudo bash -c 'cat > /mnt/etc/sysctl.d/51-kexec-restrict.conf' <<-'EOF'
+kernel.kexec_load_disabled = 1
+EOF
+
+sudo bash -c 'cat > /mnt/etc/sysctl.d/10-security.conf' <<-'EOF'
+fs.protected_hardlinks = 1
+fs.protected_symlinks = 1
+net.core.bpf_jit_harden = 2
+kernel.yama.ptrace_scope = 3
+EOF
+
 # Setting root password.
 echo "Setting root password."
 arch-chroot /mnt /bin/passwd