GEN003611 - The system must log martian packets - 'net.ipv4.conf.all.log_martians'

Information

Martian packets are packets containing addresses known by the system to be invalid. Logging these messages allows the SA to identify misconfigurations or attacks in progress.

Solution

Configure the system to log martian packets.
Edit /etc/sysctl.conf and add the settings 'net.ipv4.conf.all.log_martians=1' and 'net.ipv4.conf.default.log_martians=1'.

Reload the sysctls.
Procedure:
# sysctl -p
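
A way to verify the edit before reloading, as an added example that is not part of the STIG or the audit plugin: the script reads a sysctl.conf-style file and reports the effective value of both keys. The function names are assumptions, and it assumes the last assignment of a key in the file is the one that takes effect.

```shell
#!/bin/sh
# Added example, not part of the STIG: audit a sysctl.conf-style file for the
# two log_martians settings. Function names are assumptions for illustration.

# Print the effective value of key $2 in file $1. Later assignments override
# earlier ones, because sysctl -p applies the file line by line.
effective_value() {
    awk -v key="$2" '
        /^[ \t]*[#;]/ { next }                 # comment lines
        {
            eq = index($0, "=")
            if (eq == 0) next
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/[ \t]/, "", k)               # spaces around "=" are allowed
            gsub(/\//, ".", k)                 # sysctl also accepts a/b/c keys
            gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) val = v
        }
        END { if (val != "") print val }
    ' "$1"
}

# Return 0 only if both required keys are effectively set to 1.
check_log_martians() {
    file="${1:-/etc/sysctl.conf}"
    rc=0
    for key in net.ipv4.conf.all.log_martians net.ipv4.conf.default.log_martians; do
        val=$(effective_value "$file" "$key")
        if [ "$val" = "1" ]; then
            echo "PASS $key = 1"
        else
            echo "FAIL $key = ${val:-not set}"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample: "all" is enabled and then overridden, "default" is only
# present as a comment, so both keys fail.
sample=$(mktemp)
cat > "$sample" <<'EOF'
net.ipv4.conf.all.log_martians = 1
# net.ipv4.conf.default.log_martians=1
net.ipv4.conf.all.log_martians=0
EOF
check_log_martians "$sample" || echo "sample is not compliant"
rm -f "$sample"
```

The script checks only the file it is given; after 'sysctl -p', the running values can be read back with 'sysctl net.ipv4.conf.all.log_martians net.ipv4.conf.default.log_martians'.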

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_5_V2R1_STIG.zip

Item Details

Category: AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

References: 800-53|AU-2d., 800-53|CM-6b., CAT|III, CCI|CCI-000126, CCI|CCI-000366, Rule-ID|SV-218488r603259_rule, STIG-ID|GEN003611, STIG-Legacy|SV-64207, STIG-Legacy|V-22418, Vuln-ID|V-218488

Plugin: Unix

Control ID: 6df2eed51051ac9021fa3ecfa65cf641a8544f7fd7b2d3ddd860910047993f02