AIX must not process ICMP timestamp requests.

An XCCDF Rule

Details
Profiles

Description

The processing of Internet Control Message Protocol (ICMP) timestamp requests increases the attack surface of the system.

ID: SV-215429r991589_rule
Version: AIX7-00-003134
Severity: Medium
References: CCI-000366
Updated: 14 days ago

Remediation Templates

From the command prompt, run the following commands to create and activate "ipsec_v4" and "ipsec_v6" devices:
# mkdev -l ipsec -t 4
# mkdev -l ipsec -t 6

Run the following commands to create 2 IPsec rules to block the ICMP timestamp request and reply:
# genfilt -v 4 -a D -s 0 -m 0 -d 0 -M 0 -c icmp -O eq -P 13 -r B -w I -i all# genfilt -v 4 -a D -s 0 -m 0 -d 0 -M 0 -c icmp -o eq -p 14 -r B -w O -i all

From the command prompt, run the following command to activate all the filter rules in the rule database:
# mkfilt -u

AIX must not process ICMP timestamp requests.

Description

Remediation Templates

A Manual Procedure