mirrors/linux-bench
1
0
Fork 1
mirror of https://github.com/aquasecurity/linux-bench.git synced 2025-02-23 06:35:33 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #18 from aquasecurity/yoavAqua-patch-1

Browse source 
fix check 3.2.1.c
This commit is contained in:
Liz Rice 2019-10-10 09:42:56 +01:00 committed by GitHub
commit b079eda356
Failed to generate hash of commit
1 changed files with 5 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
cfg/1.1.0/definitions.yaml
View file

@ -4312,10 +4312,13 @@ groups:
- id: 3.2.1.c
description: "Ensure source routed packets are not accepted"
audit: "grep net.ipv4.conf.all.accept_source_route /etc/sysctl.conf /etc/sysctl.d/*"
audit: "grep ^\\s*net.ipv4.conf.all.accept_source_route /etc/sysctl.conf /etc/sysctl.d/*"
tests:
test_items:
- flag: "net.ipv4.conf.all.accept_source_route = 0"
- flag: "net.ipv4.conf.all.accept_source_route"
compare:
op: eq
value: "0"
set: true
remediation: |
Set the following parameters in `/etc/sysctl.conf` or a `/etc/sysctl.d/*` file: