Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-22415 | GEN003608 | SV-37624r1_rule | ECSC-1 | Medium |
Description |
---|
Proxy ARP allows a system to respond to ARP requests on one interface on behalf of hosts connected to another interface. If this function is enabled when not required, addressing information may be leaked between the attached network segments. |
STIG | Date |
---|---|
Red Hat Enterprise Linux 5 Security Technical Implementation Guide | 2015-03-12 |
Check Text ( C-36823r1_chk ) |
---|
Verify the system does not use proxy ARP. # grep [01] /proc/sys/net/ipv4/conf/*/proxy_arp|egrep "default|all" If all of the resulting lines do not end with "0", this is a finding. |
Fix Text (F-31661r1_fix) |
---|
Configure the system to not use proxy ARP. Edit /etc/sysctl.conf and add a setting for "net.ipv4.conf.all.proxy_arp=0" and "net.ipv4.conf.default.proxy_arp=0". # sysctl -p |