bayupermadi / ciscentos7

Scripting to validate the CIS benchmark for Centos 7

3 Network Configuration #3

Closed bayupermadi closed 6 years ago

bayupermadi commented 6 years ago

3.1 Network Parameters (Host Only)
3.1.1 Ensure IP forwarding is disabled (Scored)
3.1.2 Ensure packet redirect sending is disabled (Scored)

3.2 Network Parameters (Host and Router)
3.2.1 Ensure source routed packets are not accepted (Scored)
3.2.2 Ensure ICMP redirects are not accepted (Scored)
3.2.3 Ensure secure ICMP redirects are not accepted (Scored)
3.2.4 Ensure suspicious packets are logged (Scored)
3.2.5 Ensure broadcast ICMP requests are ignored (Scored)
3.2.6 Ensure bogus ICMP responses are ignored (Scored)
3.2.7 Ensure Reverse Path Filtering is enabled (Scored)
3.2.8 Ensure TCP SYN Cookies is enabled (Scored)

3.3 IPv6
3.3.1 Ensure IPv6 router advertisements are not accepted (Scored)
3.3.2 Ensure IPv6 redirects are not accepted (Scored)
3.3.3 Ensure IPv6 is disabled (Not Scored)

3.4 TCP Wrappers
3.4.1 Ensure TCP Wrappers is installed (Scored)
3.4.2 Ensure /etc/hosts.allow is configured (Scored)
3.4.3 Ensure /etc/hosts.deny is configured (Scored)
3.4.4 Ensure permissions on /etc/hosts.allow are configured (Scored)
3.4.5 Ensure permissions on /etc/hosts.deny are 644 (Scored)

3.5 Uncommon Network Protocols
3.5.1 Ensure DCCP is disabled (Not Scored)
3.5.2 Ensure SCTP is disabled (Not Scored)
3.5.3 Ensure RDS is disabled (Not Scored)
3.5.4 Ensure TIPC is disabled (Not Scored)

3.6 Firewall Configuration
3.6.1 Ensure iptables is installed (Scored)
3.6.2 Ensure default deny firewall policy (Scored)
3.6.3 Ensure loopback traffic is configured (Scored)
3.6.4 Ensure outbound and established connections are configured (Not Scored)
3.6.5 Ensure firewall rules exist for all open ports (Scored)

3.7 Ensure wireless interfaces are disabled (Not Scored)

bayupermadi commented 6 years ago

Firewall Configuration

Since CentOS uses firewalld instead of iptables as the default firewall, section 3.6 Firewall Configuration is skipped.