{"description": "Certain kernel parameters should be set for systems which are\nacting as either hosts or routers to improve the system's ability defend\nagainst certain types of IPv4 protocol attacks.", "warnings": [], "requires": [], "conflicts": [], "values": ["sysctl_net_ipv4_conf_all_accept_redirects_value", "sysctl_net_ipv4_conf_all_accept_source_route_value", "sysctl_net_ipv4_conf_all_arp_filter_value", "sysctl_net_ipv4_conf_all_arp_ignore_value", "sysctl_net_ipv4_conf_all_forwarding_value", "sysctl_net_ipv4_conf_all_log_martians_value", "sysctl_net_ipv4_conf_all_rp_filter_value", "sysctl_net_ipv4_conf_all_secure_redirects_value", "sysctl_net_ipv4_conf_all_shared_media_value", "sysctl_net_ipv4_conf_default_accept_redirects_value", "sysctl_net_ipv4_conf_default_accept_source_route_value", "sysctl_net_ipv4_conf_default_forwarding_value", "sysctl_net_ipv4_conf_default_log_martians_value", "sysctl_net_ipv4_conf_default_rp_filter_value", "sysctl_net_ipv4_conf_default_secure_redirects_value", "sysctl_net_ipv4_conf_default_shared_media_value", "sysctl_net_ipv4_icmp_echo_ignore_broadcasts_value", "sysctl_net_ipv4_icmp_ignore_bogus_error_responses_value", "sysctl_net_ipv4_tcp_invalid_ratelimit_value", "sysctl_net_ipv4_tcp_rfc1337_value", "sysctl_net_ipv4_tcp_syncookies_value"], "groups": {}, "rules": ["sysctl_net_ipv4_conf_all_accept_local", "sysctl_net_ipv4_conf_all_accept_redirects", "sysctl_net_ipv4_conf_all_accept_source_route", "sysctl_net_ipv4_conf_all_arp_filter", "sysctl_net_ipv4_conf_all_arp_ignore", "sysctl_net_ipv4_conf_all_drop_gratuitous_arp", "sysctl_net_ipv4_conf_all_forwarding", "sysctl_net_ipv4_conf_all_log_martians", "sysctl_net_ipv4_conf_all_route_localnet", "sysctl_net_ipv4_conf_all_rp_filter", "sysctl_net_ipv4_conf_all_secure_redirects", "sysctl_net_ipv4_conf_all_shared_media", "sysctl_net_ipv4_conf_default_accept_redirects", "sysctl_net_ipv4_conf_default_accept_source_route", "sysctl_net_ipv4_conf_default_forwarding", "sysctl_net_ipv4_conf_default_log_martians", "sysctl_net_ipv4_conf_default_rp_filter", "sysctl_net_ipv4_conf_default_secure_redirects", "sysctl_net_ipv4_conf_default_shared_media", "sysctl_net_ipv4_icmp_echo_ignore_broadcasts", "sysctl_net_ipv4_icmp_ignore_bogus_error_responses", "sysctl_net_ipv4_ip_local_port_range", "sysctl_net_ipv4_tcp_invalid_ratelimit", "sysctl_net_ipv4_tcp_rfc1337", "sysctl_net_ipv4_tcp_syncookies"], "platform": "system_with_kernel", "platforms": ["system_with_kernel"], "inherited_platforms": [], "cpe_platform_names": ["system_with_kernel"], "title": "Network Related Kernel Runtime Parameters for Hosts and Routers", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/group.yml"}