3.9 Disable Response to Broadcast ICMPv4 Echo Request - persistent ip = 0

Information

This setting controls whether Solaris responds to broadcast ICMPv4 echo requests.

Reduce attack surface by restricting this vector used for host discovery and to prevent denial of service attacks.

Solution

To enforce this setting, use the command:
# ipadm set-prop -p _respond_to_echo_broadcast=0 ip

See Also

https://workbench.cisecurity.org/files/612

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-7(12), CSCv6|9.2

Plugin: Unix

Control ID: ee88d0dcccc24c7813527998840c2d2cec7eb06e2eda335fe58039a0dd71ff3c