Check: GEN003610
VMware ESX 3 Server:
GEN003610
(in version v1 r2)
Title
The system must not send IPv4 ICMP redirects. (Cat II impact)
Discussion
ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table that could reveal portions of the network topology.
Check Content
Determine if the system is configured to send IPv4 ICMP redirect messages. Consult vendor documentation to determine if the system originates IPv4 ICMP redirect messages and if a specific configuration setting is present and configured correctly. If no configuration is available, determine if the local firewall is configured to block IPv4 ICMP redirects originating from the system. If the system originates IPv4 ICMP redirect messages, and is not prevented from sending them through configuration or local firewall settings, this is a finding.
Fix Text
Configure the system to not send IPv4 ICMP redirect messages. Consult vendor documentation for the procedures for configuring the system configuration setting or adding a local firewall rule to prevent the sending of these messages.
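The decision in the Check Content above, worked through as an added example that is not part of the STIG or of VMware's documentation. It assumes a Linux-based host that exposes the kernel's `net.ipv4.conf.*.send_redirects` sysctl keys and uses iptables, and it runs over constructed `sysctl -a` and `iptables-save` output; the function names are hypothetical.

```shell
#!/bin/sh
# Added example. Assumes Linux sysctl keys and iptables-save syntax.
# Sample data below is constructed, not captured from a real host.
SYSCTL_SAMPLE='net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.vswif0.send_redirects = 1'
FW_SAMPLE='*filter
:OUTPUT ACCEPT [0:0]
-A OUTPUT -p icmp -m icmp --icmp-type 5 -j DROP
COMMIT'

# List send_redirects keys that are not 0. The kernel sends redirects on an
# interface when either conf.all or the interface's own key is enabled, so
# any non-zero key matters.
redirect_senders() {
    printf '%s\n' "$1" | awk -F' *= *' '
        $1 ~ /^net\.ipv4\.conf\.[^.]+\.send_redirects$/ && $2 != "0" { print $1 }'
}

# True if an OUTPUT rule drops or rejects ICMP type 5 (redirect).
# Simplification: rule order and -o/-d restrictions are not evaluated.
fw_blocks_redirects() {
    printf '%s\n' "$1" | grep -Eq \
        '^-A OUTPUT .*-p icmp .*--icmp-type (5|redirect)( .*)? -j (DROP|REJECT)'
}

# Setting disabled -> pass; else firewall block -> pass; else finding.
gen003610_status() {
    if ! printf '%s\n' "$1" | grep -q '\.send_redirects *='; then
        echo "UNDETERMINED"          # no keys seen: consult vendor docs
        return 0
    fi
    senders=$(redirect_senders "$1")
    if [ -z "$senders" ]; then
        echo "NOT_A_FINDING setting"
    elif fw_blocks_redirects "$2"; then
        echo "NOT_A_FINDING firewall"
    else
        echo "FINDING" $senders      # unquoted: joins keys on one line
    fi
}

gen003610_status "$SYSCTL_SAMPLE" "$FW_SAMPLE"   # prints: NOT_A_FINDING firewall
```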
Additional Identifiers
Rule ID: SV-26081r1_rule
Vulnerability ID: V-22417
Group Title: GEN003610
CCIs
Number | Definition |
---|---|
CCI-001551 | The organization defines approved authorizations for controlling the flow of information between interconnected systems. |
Controls
Number | Title |
---|---|
AC-4 | Information Flow Enforcement |