DoD proxies must be configured on all active network interfaces.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-51343 | OSX8-00-00810 | SV-65553r1_rule | Medium |
| Description |
|---|
| A proxy server is designed to hide the identity of the client when making a connection to a server on the outside of its network. This prevents any hackers on the outside of learning IP addresses within the private network. With a proxy acting as the mediator, the client does not interact directly with the servers it is connecting to; the proxy server is in the middle handling both sides of the session. |
| STIG | Date |
|---|---|
| Apple OS X 10.8 (Mountain Lion) Workstation STIG | 2015-02-10 |
Details
| Check Text ( C-53691r1_chk ) |
|---|
| To show the proxy configuration for the Ethernet interface, run the following command: networksetup -getautoproxyurl Ethernet replace "Ethernet" with the plain English name of the network interface you need to verify. If there is no proxy defined, or enabled is set to "No", this is a finding. This command: networksetup -listallnetworkservices will list the plain English names of all configured network interfaces on the computer. |
| Fix Text (F-56143r1_fix) |
|---|
| Ensure that DoD proxies are configured on all active network interfaces listed from the command: networksetup -listallnetworkservices |