Detections
Analytics
GEN008540 - The system's local firewall must implement a deny-all, allow-by-exception policy.
Information
A local firewall protects the system from exposing unnecessary or undocumented network services to the local enclave. If a system within the enclave is compromised, firewall protection on an individual system continues to protect it from attack.Solution
Edit '/etc/sysconfig/iptables' and add a default deny rule.An example of a default deny rule:
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
Restart the iptable service.
# service iptables restart
See Also
http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip
Item Details
Category: SYSTEM AND COMMUNICATIONS PROTECTION
References: 800-53|SC-7(5), CAT|II, CCE|CCE-14264-6, CCI|CCI-001109, Group-ID|V-22583, Rule-ID|SV-37985r1_rule, STIG-ID|GEN008540, Vuln-ID|V-22583
Plugin: Unix
Control ID: b661d369288b69a91a0c2aab21a8f7b3d4d11fe4d6fb2c94ca23b084193739e5