Check: GEN000000-LNX007580
VMware ESX 3 Server: GEN000000-LNX007580 (in version v1 r2)
Title
The PF_LLC protocol handler must not be bound to the network stack. (Cat II impact)
Discussion
The Packet Family - Logical Link Control (PF_LLC) protocol handler provides a sockets interface for applications to communicate over the LLC sublayer. This interface is not commonly used and may increase the attack surface of the system.
Check Content
If the system does not have a PF_LLC protocol handler, this is not applicable. Determine if the PF_LLC protocol handler is bound to the network stack. If it is, this is a finding.
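One way to script this determination, as an added example that is not part of the STIG text. It assumes a Linux kernel where AF_LLC sockets are provided by the `llc2` module and a registered handler is listed as `LLC` in `/proc/net/protocols`; the function names and sample listings are constructed for illustration.

```shell
#!/bin/sh
# pf_llc_status MODULES_FILE PROTOCOLS_FILE
# Prints "finding" if the PF_LLC handler is bound, otherwise "not_a_finding".
# On a live host pass /proc/modules and /proc/net/protocols.
pf_llc_status() {
    modules=$1
    protocols=$2
    # Column 1 of /proc/modules is the module name. Match llc2 exactly so the
    # separate llc core module (pulled in by bridging/STP) is not counted.
    if [ -r "$modules" ] &&
       awk '$1 == "llc2" { found = 1 } END { exit !found }' "$modules"; then
        echo finding
        return 0
    fi
    # A handler built into the kernel never appears in the module list, so
    # also look for it in the registered protocol table (skip the header row).
    if [ -r "$protocols" ] &&
       awk 'NR > 1 && $1 == "LLC" { found = 1 } END { exit !found }' "$protocols"; then
        echo finding
        return 0
    fi
    echo not_a_finding
}

# Constructed sample listings (assumed layout, not captured from a real host).
write_samples() {
    printf '%s\n' 'llc 16384 2 stp,bridge, Live 0x0000000000000000' \
        'bridge 180224 0 - Live 0x0000000000000000' > "$1/modules.clean"
    printf '%s\n' 'llc2 57344 0 - Live 0x0000000000000000' \
        'llc 16384 1 llc2, Live 0x0000000000000000' > "$1/modules.bound"
    printf '%s\n' 'protocol  size sockets  memory press maxhdr' \
        'TCP       2048       4       1    no    320' > "$1/protocols.clean"
    printf '%s\n' 'protocol  size sockets  memory press maxhdr' \
        'LLC        896       0      -1    NI      0' \
        'TCP       2048       4       1    no    320' > "$1/protocols.builtin"
}

# Demonstration on the constructed data: llc2 is loaded, so this is a finding.
tmp=$(mktemp -d) && write_samples "$tmp"
pf_llc_status "$tmp/modules.bound" "$tmp/protocols.clean"
rm -rf "$tmp"
```

A host whose kernel ships no PF_LLC handler at all is "not applicable" rather than "not a finding"; the script does not distinguish the two.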
Fix Text
Unbind the PF_LLC protocol handler from the network stack.
Additional Identifiers
Rule ID: SV-26210r1_rule
Vulnerability ID: V-22535
Group Title: GEN000000-LNX007580
CCIs
Number | Definition |
---|---|
CCI-000032 | The information system enforces information flow control using organization-defined security policy filters as a basis for flow control decisions for organization-defined information flows. |
Controls
Number | Title |
---|---|
AC-4 (8) | Security Policy Filters |