Revision 1.5Jul 12, 2022
Functional Update
- 3.1.1 Ensure IP forwarding is disabled - sysctl ipv6
- 3.1.1 Ensure IP forwarding is disabled - sysctl.conf ipv6
- 3.2.1 Ensure source routed packets are not accepted - 'net.ipv6.conf.all.accept_source_route = 0'
- 3.2.1 Ensure source routed packets are not accepted - 'net.ipv6.conf.default.accept_source_route = 0'
- 3.2.1 Ensure source routed packets are not accepted - sysctl net.ipv6.conf.all.accept_source_route
- 3.2.1 Ensure source routed packets are not accepted - sysctl net.ipv6.conf.default.accept_source_route
- 3.2.2 Ensure ICMP redirects are not accepted - 'net.ipv6.conf.all.accept_redirects = 0'
- 3.2.2 Ensure ICMP redirects are not accepted - 'net.ipv6.conf.default.accept_redirects = 0'
- 3.2.2 Ensure ICMP redirects are not accepted - sysctl net.ipv6.conf.all.accept_redirects
- 3.2.2 Ensure ICMP redirects are not accepted - sysctl net.ipv6.conf.default.accept_redirects
- 3.2.9 Ensure IPv6 router advertisements are not accepted - net.ipv6.conf.all.accept_ra = 0
- 3.2.9 Ensure IPv6 router advertisements are not accepted - net.ipv6.conf.default.accept_ra = 0
- 3.2.9 Ensure IPv6 router advertisements are not accepted - sysctl net.ipv6.conf.all.accept_ra
- 3.2.9 Ensure IPv6 router advertisements are not accepted - sysctl net.ipv6.conf.default.accept_ra
- 5.2.18 Ensure SSH MaxStartups is configured - sshd output
- 5.2.18 Ensure SSH MaxStartups is configured - sshd_config