Stealth Mode must be enabled on the firewall.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-25337	OSX00465 M6	SV-37266r1_rule	ECSC-1	Medium

Description
Enable Stealth Mode to prevent the computer from sending responses to uninvited traffic.

STIG	Date
MAC OSX 10.6 Workstation Security Technical Implementation Guide Draft	2013-01-10

Details

Check Text ( C-35957r1_chk )
Open a terminal session and enter the following command. sudo ipfw print If no line contains "deny icmp from any to me in icmptypes 8" or a more restrictive rule, this is a finding.

Fix Text (F-31212r1_fix)
Open a terminal session and edit or create /Library/LaunchDaemons/org.freebsd.ipfw.plist and ensure it contains the following. "http://www.apple.com/DTDs/ PropertyList-1.0.dtd"> Label org.freebsd.ipfw Program /sbin/ipfw ProgramArguments /sbin/ipfw /etc/ipfw.conf RunAtLoad Edit or create /etc/ipfw.conf and ensure it contains the following line (the first number, a line number, may need to be changed if another line already begins with that number). Add 20 deny icmp from any to me in icmptypes 8

Fix Text (F-31212r1_fix)

Open a terminal session and edit or create /Library/LaunchDaemons/org.freebsd.ipfw.plist and ensure it contains the following.

"http://www.apple.com/DTDs/ PropertyList-1.0.dtd">

Label
org.freebsd.ipfw
Program
/sbin/ipfw
ProgramArguments

/sbin/ipfw
/etc/ipfw.conf

RunAtLoad

Edit or create /etc/ipfw.conf and ensure it contains the following line (the first number, a line number, may need to be changed if another line already begins with that number).

Add 20 deny icmp from any to me in icmptypes 8