STIGQter STIGQter: STIG Summary: Oracle Linux 5 Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 26 Oct 2018: The system must be configured with a default gateway for IPv6 if the system uses IPv6, unless the system is a router.

DISA Rule

SV-64107r1_rule

Vulnerability Number

V-22490

Group Title

GEN005570

Rule Version

GEN005570

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Add a default route for IPv6.

Edit /etc/sysconfig/network-scripts/ifcfg-eth0 (substitute interface as appropriate).

Add an IPV6_DEFAULTGW=<gateway> configuration setting.
Restart the interface.

# ifdown eth0; ifup eth0

Check Contents

Check for a default route for IPv6. If the system is a VM host and acts as a router solely for the benefit of its client systems, then this rule is not applicable.

# ip -6 route list | grep default

If the system uses IPv6, and no results are returned, this is a finding.

Vulnerability Number

V-22490

Documentable

False

Rule Version

GEN005570

Severity Override Guidance

Check for a default route for IPv6. If the system is a VM host and acts as a router solely for the benefit of its client systems, then this rule is not applicable.

# ip -6 route list | grep default

If the system uses IPv6, and no results are returned, this is a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

2207

Comments