UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

IPv6 will be disabled until a deliberate transition strategy has been implemented.


Overview

Finding ID Version Rule ID IA Controls Severity
V-14262 5.050 SV-30297r1_rule ECSC-1 Medium
Description
Any nodes’ interface with IPv6 enabled by default presents a potential risk of traffic being transmitted or received without proper risk mitigation strategy and therefore a serious security concern.
STIG Date
Windows 2003 Domain Controller Security Technical Implementation Guide 2014-01-07

Details

Check Text ( C-30789r1_chk )
Prior to transition, IPv6 will not be installed. The following registry key indicates the IPv6 protocol has been installed. If it exists, then this is a finding.

Registry Hive: HKEY_LOCAL_MACHINE
Subkey: \System\CurrentControlSet\Services\Tcpip6

Note: The Gold Disk can only check for the existence of the key. If IPv6 has been implemented in your environment, manually close the finding.

See S0-C1-imp-1 of the The Department of National Intelligence/Department of Defense (DoD) Internet Protocol version 6 (IPv6) Information Assurance Guidance for Milestone Objective 3 for additional information.
Fix Text (F-27324r1_fix)
Uninstall the IPv6 protocol until a deliberate transition strategy has been implemented.