Navigate

Check: GEN003602 M6

MACOSX 10.6: GEN003602 M6 (in version v1 r3)

Title

The system must not process Internet Control Message Protocol (ICMP) timestamp requests. (Cat III impact)

Discussion

The processing of ICMP timestamp requests increases the attack surface of the system.

Check Content

Open a terminal session and enter the following command to view the timestamp. sysctl -a | grep net.inet.icmp.timestamp If the value of net.inet.icmp.timestamp is not set to "1", this is a finding.

Fix Text

Open a terminal session and edit the /etc/sysctl.conf file and add the following line. net.inet.icmp.timestamp=1 NOTE: If the sysctl.conf file does not exist use the following command to create one. touch /etc/sysctl.conf

Additional Identifiers

Rule ID: SV-38200r1_rule

Vulnerability ID: V-22409

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-001551	The organization defines approved authorizations for controlling the flow of information between interconnected systems.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
AC-4	Information Flow Enforcement