3.17 Disable Network Routing - ipv4-routing current = disabled

Information

The network routing daemon, in.routed, manages network routing tables. If enabled, it
periodically supplies copies of the system's routing tables to any directly connected hosts
and networks and picks up routes supplied to it from other networks and hosts.

Routing Internet Protocol (RIP) is a legacy protocol with a number of security weaknesses
including a lack of authentication, zoning, pruning, etc.

Solution

To enforce this setting and disable IPv4 routing, use the command:

# routeadm -d ipv4-forwarding -d ipv4-routing

To enforce this setting and disable IPv6 routing, use the command:

# routeadm -d ipv6-forwarding -d ipv6-routing

To apply these changes to the running system, use the command:

# routeadm -u

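An added check, not part of the benchmark text: it reads the parseable output of `routeadm -p` and reports any of the four options named above whose persistent or current value is not disabled, which catches the case where the `-d` commands were run but `routeadm -u` was not. The function name `check_routing` is hypothetical, the sample output is constructed, and the `option persistent=... default=... current=...` line format is an assumption about `routeadm -p`.

```shell
#!/bin/sh
# Options this benchmark item disables (taken from the Solution text).
CHECKED="ipv4-routing ipv4-forwarding ipv6-routing ipv6-forwarding"

# check_routing: read `routeadm -p` style lines on stdin, assumed to look like
#   ipv4-routing persistent=disabled default=disabled current=disabled
# Prints one FAIL line per finding. Returns 0 only when every checked option
# reports both persistent=disabled and current=disabled.
check_routing() {
    awk -v want="$CHECKED" '
        BEGIN { n = split(want, w, " "); for (i = 1; i <= n; i++) need[w[i]] = 1 }
        ($1 in need) {
            for (i = 2; i <= NF; i++) {
                split($i, kv, "=")
                if (kv[1] != "persistent" && kv[1] != "current") continue
                got[$1]++
                if (kv[2] != "disabled") {
                    printf "FAIL %s %s=%s\n", $1, kv[1], kv[2]; bad = 1
                }
            }
        }
        END {
            for (i = 1; i <= n; i++)
                if (got[w[i]] < 2) {
                    printf "FAIL %s persistent/current not reported\n", w[i]; bad = 1
                }
            exit bad + 0
        }'
}

# Constructed sample: settings disabled persistently, but forwarding still
# active on the running system because `routeadm -u` has not been applied.
SAMPLE_OUTPUT='ipv4-routing persistent=disabled default=disabled current=disabled
ipv4-forwarding persistent=disabled default=disabled current=enabled
ipv6-routing persistent=disabled default=disabled current=disabled
ipv6-forwarding persistent=disabled default=disabled current=disabled'

if command -v routeadm >/dev/null 2>&1; then
    routeadm -p | check_routing || echo "routing is not fully disabled"
else
    printf '%s\n' "$SAMPLE_OUTPUT" | check_routing || echo "sample: routing is not fully disabled"
fi
```
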
4 Auditing and Logging

With the release of the Solaris 11 OS, the Solaris Audit service is enabled by default. As a
result, recommendations where audit and log information was typically configured and
sent to the system log (syslog) facility have been modified to use the Solaris Audit service
instead. Note that for sites that still require such information to be delivered over syslog,
the Solaris Audit facility can be configured to deliver audit records to that service as well.

Because it is often necessary to correlate log information from many different systems
(particularly after a security incident), it is recommended that the time be synchronized
among systems and devices connected to the local network. The standard Internet protocol
for time synchronization is the Network Time Protocol (NTP), which is supported by most
network-ready devices including Oracle Solaris 11. More information on NTP can be found
at http://www.ntp.org.

See Also

https://workbench.cisecurity.org/files/616

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-7(12), CSCv6|9.2

Plugin: Unix

Control ID: 63fd44e641b6c7f8eb613a68a2470e1b7ed6101bf18283785aed313cbfe22fe7