STIGQter: STIG Summary: Oracle Linux 5 Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 26 Oct 2018: The system must be configured with a default gateway for IPv6 if the system uses IPv6, unless the system is a router.

DISA Rule

SV-64107r1_rule

Vulnerability Number

V-22490

Group Title

GEN005570

Rule Version

GEN005570

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

Add a default route for IPv6.

Edit /etc/sysconfig/network-scripts/ifcfg-eth0 (substitute interface as appropriate).

Add an IPV6_DEFAULTGW=<gateway> configuration setting.
Restart the interface.

# ifdown eth0; ifup eth0

Check Contents

Check for a default route for IPv6. If the system is a VM host and acts as a router solely for the benefit of its client systems, then this rule is not applicable.

# ip -6 route list | grep default

If the system uses IPv6, and no results are returned, this is a finding.

STIGQter: STIG Summary: Oracle Linux 5 Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 26 Oct 2018: The system must be configured with a default gateway for IPv6 if the system uses IPv6, unless the system is a router.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Responsibility

Target Key

Comments