NET-IPV6-025 – IPv6 Site Local Unicast ADDR must not be defined Details The network element must be configured to ensure IPv6 Site Local Unicast addresses are not defined in the enclave,...
NET-IPV6-033 – IPv6 routers are not configured with CEF enabled Details The administrator will enable CEF to improve router stability during a SYN flood attack in an IPv6 enclave. The...
NET-IPV6-034 – IPv6 Egress Outbound Spoofing Filter – ‘deny ipv6 any any log’ Details The network element must be configured from accepting any outbound IP packet that contains an illegitimate address in the...
NET-IPV6-034 – IPv6 Egress Outbound Spoofing Filter – ‘ipv6 verify unicast source reachable-via rx OUTBOUND_TO_BACKBONE’ Details The network element must be configured from accepting any outbound IP packet that contains an illegitimate address in the...
NET-IPV6-059 – Maximum hop limit is less than 32 Details The administrator must ensure that the maximum hop limit is at least 32. The Neighbor Discovery protocol allows a...
NET-IPV6-065 – The 6-to-4 router is not filtering protocol 41 – ‘ip access-group IPV4_EGRESS_FILTER’ Details The administrator must ensure the 6-to-4 router is configured to drop any IPv4 packets with protocol 41 received from...
NET-IPV6-065 – The 6-to-4 router is not filtering protocol 41 – ‘ip access-list IPV4_EGRESS_FILTER’ Details The administrator must ensure the 6-to-4 router is configured to drop any IPv4 packets with protocol 41 received from...
NET-IPV6-065 – The 6-to-4 router is not filtering protocol 41 – ‘tunnel mode ipv6ip 6to4’ Details The administrator must ensure the 6-to-4 router is configured to drop any IPv4 packets with protocol 41 received from...
NET-IPV6-066 – 6-to-4 router not filtering invalid source address – ‘ipv6 traffic-filter IPV6_EGRESS_ACL in’ Details The administrator must ensure the 6-to-4 router is configured to drop any outbound IPv6 packets from the internal network...
NET-IPV6-066 – 6-to-4 router not filtering invalid source address – ‘permit ipv6 2002:V4ADDR::/48’ Details The administrator must ensure the 6-to-4 router is configured to drop any outbound IPv6 packets from the internal network...