
The system must not send IPv4 ICMP redirects.


Overview

Finding ID: V-22417
Version: GEN003610
Rule ID: SV-26081r1_rule
IA Controls: ECSC-1
Severity: Medium
Description
ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table that could reveal portions of the network topology.
STIG: VMware ESX 3 Server
Date: 2016-05-13

Details

Check Text (C-29256r1_chk)
Determine if the system is configured to send IPv4 ICMP redirect messages. Consult vendor documentation to determine if the system originates IPv4 ICMP redirect messages and if a specific configuration setting is present and configured correctly. If no configuration is available, determine if the local firewall is configured to block IPv4 ICMP redirects originating from the system.

If the system originates IPv4 ICMP redirect messages, and is not prevented from sending them through configuration or local firewall settings, this is a finding.
Fix Text (F-26275r1_fix)
Configure the system to not send IPv4 ICMP redirect messages. Consult vendor documentation for the procedure to change the relevant configuration setting or to add a local firewall rule that prevents these messages from being sent.
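
The decision described in the check text, sketched as an added example that is not part of the STIG or any vendor documentation. It assumes a Linux-style host where the setting appears as net.ipv4.conf.*.send_redirects sysctl keys and the local firewall is iptables; the sample outputs and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example; assumes Linux-style sysctl keys and iptables-save output.
# Works on captured command output so the logic can be exercised offline.

# Constructed sample: sysctl output on a host that still sends redirects.
SYSCTL_BAD='net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.eth0.send_redirects = 1'

# Constructed sample: the same host after the fix.
SYSCTL_GOOD='net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.eth0.send_redirects = 0'

# Constructed sample: iptables-save output with an outbound redirect drop.
FW_BLOCK='*filter
:OUTPUT ACCEPT [0:0]
-A OUTPUT -p icmp -m icmp --icmp-type 5 -j DROP
COMMIT'

# Exit 0 if redirects may be sent: any send_redirects key is non-zero (Linux
# sends on an interface when conf.all OR the interface key is set), or no key
# is present at all (state unknown, so treat as sending).
sysctl_sends_redirects() {
    keys=$(printf '%s\n' "$1" | grep -E '^net\.ipv4\.conf\.[^.]+\.send_redirects[[:space:]]*=') || return 0
    printf '%s\n' "$keys" | grep -Ev '=[[:space:]]*0[[:space:]]*$' >/dev/null
}

# Exit 0 if an OUTPUT rule drops ICMP type 5 (redirect) for all traffic.
# Rules narrowed by interface or address (-o/-d/-s) are ignored as partial.
firewall_blocks_redirects() {
    printf '%s\n' "$1" | grep -E '^-A OUTPUT .*--icmp-type (5|redirect) .*-j (DROP|REJECT)' \
        | grep -Ev ' -[ods] ' >/dev/null
}

# evaluate SYSCTL_TEXT FIREWALL_TEXT: apply the check text's decision.
evaluate() {
    if ! sysctl_sends_redirects "$1"; then
        echo "not a finding: send_redirects disabled on all interfaces"
    elif firewall_blocks_redirects "$2"; then
        echo "not a finding: local firewall drops outbound redirects"
    else
        echo "finding: redirects enabled and not filtered"
    fi
}

evaluate "$SYSCTL_BAD" ""
```

On a live host the two arguments would be the output of `sysctl -a` and `iptables-save`, run with sufficient privilege.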