Guide to the Secure Configuration of SUSE Linux Enterprise 12
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Ensure IPv6 is disabled through kernel boot parameter
To disable IPv6 protocol support in the Linux kernel, add the argument <code>ipv6.disable=1</code> to the default GRUB2 command line for the Linux operating system. Configure the default Grub2 kern...Rule Low Severity -
Disable IPv6 Networking Support Automatic Loading
To prevent the IPv6 kernel module (<code>ipv6</code>) from binding to the IPv6 networking stack, add the following line to <code>/etc/modprobe.d/disabled.conf</code> (or another file in <code>/etc/...Rule Medium Severity -
Disable IPv6 Addressing on All IPv6 Interfaces
To disable support for (<code>ipv6</code>) addressing on all interface add the following line to <code>/etc/sysctl.d/ipv6.conf</code> (or another file in <code>/etc/sysctl.d</code>): <pre>net.ipv6....Rule Medium Severity -
Disable IPv6 Addressing on IPv6 Interfaces by Default
To disable support for (<code>ipv6</code>) addressing on interfaces by default add the following line to <code>/etc/sysctl.d/ipv6.conf</code> (or another file in <code>/etc/sysctl.d</code>): <pre>n...Rule Medium Severity -
Configure IPv6 Settings if Necessary
A major feature of IPv6 is the extent to which systems implementing it can automatically configure their networking devices using information from the network. From a security perspective, manually...Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules