STIGQter: STIG Summary: Solaris 10 X86 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

The system must not have IP forwarding for IPv6 enabled, unless the system is an IPv6 router.

DISA Rule

SV-220110r603266_rule

Vulnerability Number

V-220110

Group Title

SRG-OS-000480

Rule Version

GEN005610

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

Disable IPv6 forwarding.
# ndd -set /dev/ip6 ip6_forwarding 0
Edit startup scripts as necessary; add this command or remove commands setting the value to 1.

Check Contents

Check if the system is configured for IPv6 forwarding.
# ndd /dev/ip6 ip6_forwarding
If the value is not 0, this is a finding.

Vulnerability Number

V-220110

Documentable

False

Rule Version

GEN005610

Severity Override Guidance

Check if the system is configured for IPv6 forwarding.
# ndd /dev/ip6 ip6_forwarding
If the value is not 0, this is a finding.

Check Content Reference

Target Key

4061

The system must not have IP forwarding for IPv6 enabled, unless the system is an IPv6 router.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments