{"description": "To introduce randomness into the automatic generation of IPv6\naddresses, add or correct the following line in\n<tt>/etc/sysconfig/network-scripts/ifcfg-<i>interface</i></tt>:\n<pre>IPV6_PRIVACY=rfc3041</pre>\nAutomatically-generated IPv6 addresses are based on the underlying hardware\n(e.g. Ethernet) address, and so it becomes possible to track a piece of\nhardware over its lifetime using its traffic. If it is important for a system's\nIP address to not trivially reveal its hardware address, this setting should be\napplied.", "rationale": "", "severity": "unknown", "references": {"cui": ["3.1.20"]}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": null, "ocil": null, "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": ["ipv6[enabled]"], "cpe_platform_names": [], "inherited_cpe_platform_names": ["ipv6_enabled"], "bash_conditional": null, "fixes": {}, "title": "Use Privacy Extensions for Address", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/rule.yml", "template": null}