Check: GEN007800
SUSE Linux Enterprise Server v11 for System z STIG:
GEN007800
(in versions v1 r12 through v1 r9)
Title
The system must not have Teredo enabled. (Cat II impact)
Discussion
Teredo is an IPv6 transition mechanism involving tunneling IPv6 packets encapsulated in IPv4 packets. Unauthorized tunneling may circumvent network security.
Check Content
Verify the Miredo service is not running. # ps ax | grep miredo | grep -v grep If the miredo process is running, this is a finding.
Fix Text
Edit startup scripts to prevent the service from running on startup.
Additional Identifiers
Rule ID: SV-45983r1_rule
Vulnerability ID: V-22546
Group Title: GEN007800
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-001551 |
The organization defines approved authorizations for controlling the flow of information between interconnected systems. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| AC-4 |
Information Flow Enforcement |