Rule ID
SV-281352r1184706_rule
Version
V1R1
ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology. The ability to send ICMP redirects is only appropriate for systems acting as routers. Satisfies: SRG-OS-000420-GPOS-00186, SRG-OS-000142-GPOS-00083
Verify RHEL 10 does not allow interfaces to perform Internet Protocol version 4 (IPv4) ICMP redirects by default. Check the value of the "net.ipv4.conf.default.send_redirects" variables with the following command: $ sudo sysctl net.ipv4.conf.default.send_redirects net.ipv4.conf.default.send_redirects=0 If "net.ipv4.conf.default.send_redirects" is not set to "0" and is not documented with the information system security officer as an operational requirement or is missing, this is a finding.
Configure RHEL 10 to not allow interfaces to perform IPv4 ICMP redirects by default. Create a configuration file if it does not already exist: $ sudo vi /etc/sysctl.d/ipv4_send_redirects.conf Add the following line to the file: net.ipv4.conf.default.send_redirects = 0 Reload settings from all system configuration files with the following command: $ sudo sysctl --system