Saltstack Official Linux Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

cis-3-3-3.yml 789B

1234567891011121314151617181920212223242526272829303132333435
  1. # CIS 3.3.3 Ensure IPv6 is disabled
  2. #
  3. # Description
  4. # ===========
  5. # Although IPv6 has many advantages over IPv4, few organizations have
  6. # implemented IPv6.
  7. #
  8. # Rationale
  9. # =========
  10. # If IPv6 is not to be used, it is recommended that it be disabled to
  11. # reduce the attack surface of the system.
  12. #
  13. # Audit
  14. # ======
  15. # Run the following command and verify that each linux line has
  16. # the 'ipv6.disable=1' parameter set:
  17. #
  18. # # grep "^\s*linux" /boot/grub/grub.cfg
  19. #
  20. # Remediation
  21. # ===========
  22. # Edit /etc/default/grub and add 'ipv6.disable=1' to GRUB_CMDLINE_LINUX:
  23. #
  24. # GRUB_CMDLINE_LINUX="ipv6.disable=1"
  25. #
  26. # Run the following command to update the grub2 configuration:
  27. #
  28. # # update-grub
  29. #
  30. parameters:
  31. linux:
  32. system:
  33. kernel:
  34. boot_options:
  35. - ipv6.disable=1