The operating system must prevent public IPv6 access into an organizations internal networks, except as appropriately mediated by managed interfaces employing boundary protection devices.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-50781 | OL6-00-000107 | SV-64987r1_rule | Medium |
| Description |
|---|
| The "ip6tables" service provides the system's host-based firewalling capability for IPv6 and ICMPv6. |
| STIG | Date |
|---|---|
| Oracle Linux 6 Security Technical Implementation Guide | 2014-06-12 |
Details
| Check Text ( C-53253r1_chk ) |
|---|
| If IPv6 is disabled, this is not applicable. Run the following command to determine the current status of the "ip6tables" service: # service ip6tables status If the service is enabled, it should return the following: ip6tables is running... If the service is not running, this is a finding. |
| Fix Text (F-55575r1_fix) |
|---|
| The "ip6tables" service can be enabled with the following commands: # chkconfig ip6tables on # service ip6tables start |