STIGQter: STIG Summary: Oracle Linux 6 Security Technical Implementation Guide, Version: 2, Release: 3, Benchmark Date: 23 Apr 2021

The DHCP client must be disabled if not needed.

DISA Rule

SV-209024r603263_rule

Vulnerability Number

V-209024

Group Title

SRG-OS-000480

Rule Version

OL6-00-000292

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

For each interface [IFACE] on the system (e.g. eth0), edit "/etc/sysconfig/network-scripts/ifcfg-[IFACE]" and make the following changes.

Correct the BOOTPROTO line to read:

BOOTPROTO=none

Add or correct the following lines, substituting the appropriate values based on your site's addressing scheme:

NETMASK=[local LAN netmask]
IPADDR=[assigned IP address]
GATEWAY=[local LAN default gateway]

Check Contents

To verify that DHCP is not being used, examine the following file for each interface.

# /etc/sysconfig/network-scripts/ifcfg-[IFACE]

If there is any network interface without an associated "ifcfg" file, this is a finding.

Look for the following:

BOOTPROTO=none

Also verify the following, substituting the appropriate values based on your site's addressing scheme:

NETMASK=[local LAN netmask]
IPADDR=[assigned IP address]
GATEWAY=[local LAN default gateway]

If it does not, this is a finding.
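The check above can be scripted. The following is an added example, not part of the STIG or of STIGQter: the function names (ifcfg_get, check_iface, audit_ifaces) are hypothetical and the sample files and addresses are constructed. It reports an interface with no "ifcfg" file, a BOOTPROTO other than none, and any of NETMASK, IPADDR or GATEWAY that is unset; whether the values match the site's addressing scheme still has to be reviewed by hand.

```shell
#!/bin/bash
# Added example: audit ifcfg files against the check described above.

# Print KEY's last assigned value in FILE; comments, quotes, whitespace stripped.
# Commented-out assignments (e.g. "#BOOTPROTO=none") are ignored.
ifcfg_get() {  # usage: ifcfg_get FILE KEY
    sed -n "s/^[[:space:]]*$2=\([^#]*\).*/\1/p" "$1" | tail -n 1 | tr -d "\"' \t\r"
}

# Print one line per finding for one interface; return 1 if there is any.
check_iface() {  # usage: check_iface DIR IFACE
    local file="$1/ifcfg-$2" iface="$2" proto key rc=0
    if [ ! -f "$file" ]; then
        echo "FINDING $iface: no associated ifcfg file"
        return 1
    fi
    proto=$(ifcfg_get "$file" BOOTPROTO)
    if [ "$proto" != "none" ]; then
        echo "FINDING $iface: BOOTPROTO is '$proto', expected 'none'"
        rc=1
    fi
    for key in NETMASK IPADDR GATEWAY; do
        if [ -z "$(ifcfg_get "$file" "$key")" ]; then
            echo "FINDING $iface: $key is not set"
            rc=1
        fi
    done
    return "$rc"
}

# Check every named interface; return the number of non-compliant ones.
audit_ifaces() {  # usage: audit_ifaces DIR IFACE...
    local dir="$1" bad=0 i
    shift
    for i in "$@"; do
        check_iface "$dir" "$i" || bad=$((bad + 1))
    done
    return "$bad"
}

# Constructed sample configuration (addresses from the documentation range).
SAMPLE=$(mktemp -d)
printf 'DEVICE=eth0\nBOOTPROTO=none\nNETMASK=255.255.255.0\nIPADDR=192.0.2.10\nGATEWAY=192.0.2.1\n' > "$SAMPLE/ifcfg-eth0"
printf 'DEVICE=eth1\nBOOTPROTO="dhcp"\n' > "$SAMPLE/ifcfg-eth1"
# eth2 deliberately has no ifcfg file.
audit_ifaces "$SAMPLE" eth0 eth1 eth2 || echo "non-compliant interfaces: $?"
```

On a live system, pass /etc/sysconfig/network-scripts as the directory and the host's interface names (for example those listed under /sys/class/net) as the remaining arguments.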

Vulnerability Number

V-209024

Documentable

False

Rule Version

OL6-00-000292

Severity Override Guidance

To verify that DHCP is not being used, examine the following file for each interface.

# /etc/sysconfig/network-scripts/ifcfg-[IFACE]

If there is any network interface without an associated "ifcfg" file, this is a finding.

Look for the following:

BOOTPROTO=none

Also verify the following, substituting the appropriate values based on your site's addressing scheme:

NETMASK=[local LAN netmask]
IPADDR=[assigned IP address]
GATEWAY=[local LAN default gateway]

If it does not, this is a finding.

Check Content Reference

M

Target Key

2928
