Navigate

Check: GEN005590

SUSE Linux Enterprise Server v11 for System z STIG: GEN005590 (in versions v1 r12 through v1 r9)

Title

The system must not be running any routing protocol daemons, unless the system is a router. (Cat II impact)

Discussion

Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.

Check Content

Check for any running routing protocol daemons. If the system is a VM host and acts as a router solely for the benefits of its client systems, then this rule is not applicable. # ps ax | egrep '(ospf|route|bgp|zebra|quagga)' If any routing protocol daemons are listed, this is a finding.

Fix Text

Disable any routing protocol daemons.

Additional Identifiers

Rule ID: SV-46113r1_rule

Vulnerability ID: V-22665

Group Title: GEN005590

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000366	The organization implements the security configuration settings.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CM-6	Configuration Settings