UCF STIG Viewer Logo

The system must not have IP tunnels configured.


Overview

Finding ID Version Rule ID IA Controls Severity
V-22547 GEN007820 SV-45986r1_rule Medium
Description
IP tunneling mechanisms can be used to bypass network filtering.
STIG Date
SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide 2018-09-19

Details

Check Text ( C-43267r1_chk )
Check for any IP tunnels.
# ip tun list
# ip -6 tun list
If any tunnels are listed, this is a finding.
Fix Text (F-39350r1_fix)
Remove the tunnels.
# ip tun del
Edit system startup scripts to prevent tunnel creation on startup.