Detections
Analytics
SLES-12-030390 - The SUSE operating system must prevent Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect messages from being accepted.
Information
ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.Solution
Configure the SUSE operating system to the required kernel parameter by adding the following line to '/etc/sysctl.conf' (or modify the line to have the required value):net.ipv4.conf.all.accept_redirects =0
Run the following command to apply this value:
# sysctl --system
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SLES_12_V3R4_STIG.zip
Item Details
Audit Name: DISA SLES 12 STIG v3r4
Category: CONFIGURATION MANAGEMENT
References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Rule-ID|SV-217291r991589_rule, STIG-ID|SLES-12-030390, STIG-Legacy|SV-92189, STIG-Legacy|V-77493, Vuln-ID|V-217291
Plugin: Unix
Control ID: 3844735fa67f271d4ed9387d60e72c4bee820ae889aba68ca2a890d9ade9ea43