The router must have gratuitous ARP disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-5618 | NET0781 | SV-5618r2_rule | ECSC-1 | Medium |
| Description |
|---|
| A gratuitous ARP is an ARP broadcast in which the source and destination MAC addresses are the same. It is used to inform the network about a hosts IP address. A spoofed gratuitous ARP message can cause network mapping information to be stored incorrectly, causing network malfunction. |
| STIG | Date |
|---|---|
| Infrastructure L3 Switch Secure Technical Implementation Guide - Cisco | 2013-10-08 |
Details
| Check Text ( C-3577r5_chk ) |
|---|
| IOS Procedure: Review the configuration and verify that the "ip gratuitous-arps" global command is not configured. It is disabled by default in release 12.3 and above. |
| Fix Text (F-5529r4_fix) |
|---|
| The administrator must ensure the device configuration does not include the "ip gratuitous-arp" command. |