|
1234567891011121314151617181920212223242526272829303132333435 |
- # CIS 3.3.3 Ensure IPv6 is disabled
- #
- # Description
- # ===========
- # Although IPv6 has many advantages over IPv4, few organizations have
- # implemented IPv6.
- #
- # Rationale
- # =========
- # If IPv6 is not to be used, it is recommended that it be disabled to
- # reduce the attack surface of the system.
- #
- # Audit
- # ======
- # Run the following command and verify that each linux line has
- # the 'ipv6.disable=1' parameter set:
- #
- # # grep "^\s*linux" /boot/grub/grub.cfg
- #
- # Remediation
- # ===========
- # Edit /etc/default/grub and add 'ipv6.disable=1' to GRUB_CMDLINE_LINUX:
- #
- # GRUB_CMDLINE_LINUX="ipv6.disable=1"
- #
- # Run the following command to update the grub2 configuration:
- #
- # # update-grub
- #
- parameters:
- linux:
- system:
- kernel:
- boot_options:
- - ipv6.disable=1
|