Check: OL6-00-000321
Oracle Linux 6 STIG:
OL6-00-000321
(in versions v2 r7 through v1 r18)
Title
The system must provide VPN connectivity for communications over untrusted networks. (Cat III impact)
Discussion
Providing the ability for remote users or systems to initiate a secure VPN connection protects information when it is transmitted over a wide area network.
Check Content
If the system does not communicate over untrusted networks, this is not applicable. Run the following command to determine if the "libreswan" package is installed: # rpm -q libreswan If the package is not installed, this is a finding.
Fix Text
The Libreswan package provides an implementation of IPsec and IKE, which permits the creation of secure tunnels over untrusted networks. The "libreswan" package can be installed with the following command: # yum install libreswan
Additional Identifiers
Rule ID: SV-219580r793837_rule
Vulnerability ID: V-219580
Group Title: SRG-OS-000480
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
CCI-002418 |
The information system protects the confidentiality and/or integrity of transmitted information. |