GEN008540 - The system's local firewall must implement a deny-all, allow-by-exception policy.

Information

A local firewall protects the system from exposing unnecessary or undocumented network services to the local enclave. If a system within the enclave is compromised, firewall protection on an individual system continues to protect it from attack.

Solution

Edit /etc/ipf/ipf.conf and add a default deny rule.
Restart the ipfilter service.
# svcadm restart network/ipfilter

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SOL_10_x86_V2R2_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-17(1), CAT|II, CCI|CCI-002314, Rule-ID|SV-227981r603266_rule, STIG-ID|GEN008540, STIG-Legacy|SV-26976, STIG-Legacy|V-22583, Vuln-ID|V-227981

Plugin: Unix

Control ID: 344968435b228d09f5b8d92fcd4e2f0cfb87e6cd7f043a3b487427b4855df07a