Network - Ignore Broadcasts

Description

Ensures that ICMP broadcast requests are ignored

Tags

  • CCE-26883-9

Solution

echo 'net.ipv4.icmp_echo_ignore_broadcasts=1' >/etc/sysctl.d/50-icmp_echo_ignore_broadcasts.conf && sysctl -p

Check Script: network-ignore-broadcast-requests.sh

if [[ $(/sbin/sysctl -n net.ipv4.icmp_echo_ignore_broadcasts 2>/dev/null) == 1 ]]; then
	result_failed "net.ipv4.icmp_echo_ignore_broadcasts is not 1"
fi