diff --git a/alpine/etc/sysctl.d/01-moby.conf b/alpine/etc/sysctl.d/01-moby.conf
index 6d1f80454..c12355ac1 100644
--- a/alpine/etc/sysctl.d/01-moby.conf
+++ b/alpine/etc/sysctl.d/01-moby.conf
@@ -1,3 +1,4 @@
+# general limits
 vm.max_map_count = 262144
 vm.overcommit_memory = 1
 net.core.somaxconn = 1024
@@ -7,4 +8,13 @@ net.ipv4.neigh.default.gc_thresh3 = 32768
 fs.aio-max-nr = 1048576
 fs.inotify.max_user_watches = 524288
 fs.file-max = 524288
-kernel.random.write_wakeup_threshold = 3072
\ No newline at end of file
+# for rngd
+kernel.random.write_wakeup_threshold = 3072
+# security restrictions
+kernel.kptr_restrict = 2
+net.ipv4.conf.all.send_redirects = 0
+net.ipv4.conf.default.accept_redirects = 0
+net.ipv4.conf.default.accept_source_route = 0
+net.ipv6.conf.all.accept_redirects = 0
+net.ipv6.conf.default.accept_redirects = 0
+kernel.perf_event_paranoid = 3
diff --git a/alpine/etc/sysctl.d/02-lynis.conf b/alpine/etc/sysctl.d/02-lynis.conf
deleted file mode 100644
index 276150e1e..000000000
--- a/alpine/etc/sysctl.d/02-lynis.conf
+++ /dev/null
@@ -1,6 +0,0 @@
-kernel.kptr_restrict = 2
-net.ipv4.conf.all.send_redirects = 0
-net.ipv4.conf.default.accept_redirects = 0
-net.ipv4.conf.default.accept_source_route = 0
-net.ipv6.conf.all.accept_redirects = 0
-net.ipv6.conf.default.accept_redirects = 0
\ No newline at end of file
diff --git a/alpine/etc/sysctl.d/03-kspp.conf b/alpine/etc/sysctl.d/03-kspp.conf
deleted file mode 100644
index 76c9e7a86..000000000
--- a/alpine/etc/sysctl.d/03-kspp.conf
+++ /dev/null
@@ -1,2 +0,0 @@
-kernel.perf_event_paranoid = 3
-kernel.yama.ptrace_scope = 1
\ No newline at end of file
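Review bot: The consolidation silently drops one hardening setting: 03-kspp.conf is deleted with both `kernel.perf_event_paranoid = 3` and `kernel.yama.ptrace_scope = 1`, but only the first is carried into the new "security restrictions" block of 01-moby.conf, so the image loses the Yama ptrace restriction (processes would again be able to ptrace any same-uid process, which weakens the existing credential-isolation posture). Unless the omission is deliberate, add `kernel.yama.ptrace_scope = 1` after `kernel.perf_event_paranoid = 3` in the second hunk; if it is deliberate (for example because Yama is not compiled into the target kernel), that reason belongs in a comment next to the block, as the other two groups already get one. While touching this block it is also worth noting, as a follow-up rather than a regression, that the `accept_redirects` and `accept_source_route` lines only cover `default` for IPv4 while `send_redirects` covers `all`, so already-existing interfaces may keep the kernel defaults; the deleted 02-lynis.conf had the same asymmetry, so this commit does not change that.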