STIGQter STIGQter: STIG Summary: Oracle Linux 5 Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 26 Oct 2018: The system must log martian packets.

DISA Rule

SV-64207r1_rule

Vulnerability Number

V-22418

Group Title

GEN003611

Rule Version

GEN003611

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Configure the system to log martian packets.
Edit /etc/sysctl.conf and add a setting for "net.ipv4.conf.all.log_martians=1" and "net.ipv4.conf.default.log_martians=1".

Reload the sysctls.
Procedure:
# sysctl -p

Check Contents

Verify the system logs martian packets.

# grep [01] /proc/sys/net/ipv4/conf/*/log_martians|egrep "default|all"

If all of the resulting lines do not end with "1", this is a finding.

Vulnerability Number

V-22418

Documentable

False

Rule Version

GEN003611

Severity Override Guidance

Verify the system logs martian packets.

# grep [01] /proc/sys/net/ipv4/conf/*/log_martians|egrep "default|all"

If all of the resulting lines do not end with "1", this is a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

2207

Comments