GEN008540 - The system's local firewall must implement a deny-all, allow-by-exception policy.

Information

A local firewall protects the system from exposing unnecessary or undocumented network services to the local enclave. If a system within the enclave is compromised, firewall protection on an individual system continues to protect it from attack.

Solution

Edit /etc/ipf/ipf.conf and add a default deny rule.
Restart the ipfilter service.
# svcadm restart network/ipfilter

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SOL_10_x86_V2R4_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-17(1), CAT|II, CCI|CCI-002314, Rule-ID|SV-227981r854521_rule, STIG-ID|GEN008540, STIG-Legacy|SV-26976, STIG-Legacy|V-22583, Vuln-ID|V-227981

Plugin: Unix

Control ID: 804a01f12056e70c435825c798b09cbe3fc22bf0ec9dbc86238b4f0d2fcefe93