Check: AIX7-00-002064
IBM AIX 7.x STIG:
AIX7-00-002064
(in versions v3 r1 through v1 r1)
Title
IP forwarding for IPv4 must not be enabled on AIX unless the system is a router. (Cat II impact)
Discussion
IP forwarding permits the kernel to forward packets from one network interface to another. The ability to forward packets between two networks is only appropriate for systems acting as routers.
Check Content
From the command prompt, run the following command: # no -o ipforwarding ipforwarding = 0 If the value returned is not "0", this is a finding.
Fix Text
Disable IPv4 forwarding on the system by running command: # no -p -o ipforwarding=0
Additional Identifiers
Rule ID: SV-215263r991589_rule
Vulnerability ID: V-215263
Group Title: SRG-OS-000480-GPOS-00227
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
Number | Definition |
---|---|
CCI-000366 |
Implement the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
Number | Title |
---|---|
CM-6 |
Configuration Settings |