Ensure /etc/hosts.deny is configured

Information

The /etc/hosts.deny file serves as a failsafe so that any host not specified in /etc/hosts.allow is denied access to the system.

Solution

Run the following command to create /etc/hosts.deny: # echo 'ALL: ALL' >> /etc/hosts.deny

See Also

https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-config-guide-v623.html

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-7(5), CSCv6|9.2

Plugin: Unix

Control ID: 13f89f909aa57d928650bed5314aeff9be7351fc700c3e140cca617df9876560