Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-101087 | SRG-NET-000512-RTR-000014 | SV-110191r1_rule | Medium |
Description |
---|
Many of the known attacks in stateless autoconfiguration are defined in RFC 3756 were present in IPv4 ARP attacks. To mitigate these vulnerabilities, links that have no hosts connected such as the interface connecting to external gateways must be configured to suppress router advertisements. |
STIG | Date |
---|---|
Router Security Requirements Guide | 2020-06-30 |
Check Text ( C-99959r1_chk ) |
---|
This requirement is not applicable for the DODIN Backbone. Review the router configuration to verify Router Advertisements are suppressed on all external IPv6-enabled interfaces. If the router is not configured to suppress Router Advertisements on all external IPv6-enabled interfaces, this is a finding. |
Fix Text (F-106783r1_fix) |
---|
Configure the router to suppress Router Advertisements on all external IPv6-enabled interfaces. |