ExternalMirrors
/
linux-formula
mirror of https://github.com/salt-formulas/salt-formula-linux
Watch 1
Star 0
Fork 1
Code Issues 0 Releases 8 Wiki Activity
Saltstack Official Linux Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
778 Commits
26 Branches
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
linux-formula/metadata/service/system/cis/cis-3-3-3.yml

36 lines
789B
Raw Permalink Blame History 

  1. # CIS 3.3.3 Ensure IPv6 is disabled

  2. #

  3. # Description

  4. # ===========

  5. # Although IPv6 has many advantages over IPv4, few organizations have

  6. # implemented IPv6.

  7. #

  8. # Rationale

  9. # =========

  10. # If IPv6 is not to be used, it is recommended that it be disabled to

  11. # reduce the attack surface of the system.

  12. #

  13. # Audit

  14. # ======

  15. # Run the following command and verify that each linux line has

  16. # the 'ipv6.disable=1' parameter set:

  17. #

  18. #   # grep "^\s*linux" /boot/grub/grub.cfg

  19. #

  20. # Remediation

  21. # ===========

  22. # Edit /etc/default/grub and add 'ipv6.disable=1' to GRUB_CMDLINE_LINUX:

  23. #

  24. #   GRUB_CMDLINE_LINUX="ipv6.disable=1"

  25. #

  26. # Run the following command to update the grub2 configuration:

  27. #

  28. #   # update-grub

  29. #

  30. parameters:

  31.   linux:

  32.     system:

  33.       kernel:

  34.         boot_options:

  35.           - ipv6.disable=1