UCF STIG Viewer Logo

The system must not have IP tunnels configured.


Overview

Finding ID Version Rule ID IA Controls Severity
V-22547 GEN007820 SV-26928r1_rule ECSC-1 Medium
Description
IP tunneling mechanisms can be used to bypass network filtering.
STIG Date
HP-UX 11.31 Security Technical Implementation Guide 2018-09-14

Details

Check Text ( C-35086r1_chk )
Examine the /etc/rc.config.d/netconf* files for any TUN_ configurations.
# cat /etc/rc.config.d/netconf* | tr '\011' ' ' | tr -s ' ' | \
sed -e 's/^[ \t]*//' | grep -v "^#" |grep '^TUN_'

If this configuration is found, this is a finding.
Fix Text (F-24172r1_fix)
Edit the /etc/rc.config.d/netconf* files and remove the tunnel configurations.