Check: GEN007880
VMware ESX 3 Server:
GEN007880
(in version v1 r2)
Title
The system must not send IPv6 ICMP redirects. (Cat II impact)
Discussion
ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table that could reveal portions of the network topology.
Check Content
Determine if the system is configured to send IPv6 ICMP redirects. If it is, this is a finding.
Fix Text
Configure the system to not send IPv6 ICMP redirects.
Additional Identifiers
Rule ID: SV-26226r1_rule
Vulnerability ID: V-22551
Group Title: GEN007880
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-001551 |
The organization defines approved authorizations for controlling the flow of information between interconnected systems. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| AC-4 |
Information Flow Enforcement |