======3.2.4 Ensure suspicious packets are logged (Scored)======
=====Profile Applicability=====  
<code>
Level 1 - Server
Level 1 - Workstation 
</code>

=====Description=====
When enabled, this feature logs packets with un-routable source addresses to the kernel log.

=====Rationale=====
Enabling this feature and logging these packets allows an administrator to investigate the possibility that an attacker is sending spoofed packets to their system.

=====Audit===== 
Run the following command and verify output matches:
<Code:bash>
# sysctl net.ipv4.conf.all.log_martians 
net.ipv4.conf.all.log_martians = 1 
# sysctl net.ipv4.conf.default.log_martians 
net.ipv4.conf.default.log_martians = 1
</Code>

=====Remediation===== 
Set the following parameter in the ''/etc/sysctl.conf'' file:
<Code:bash>
net.ipv4.conf.all.log_martians = 1 
net.ipv4.conf.default.log_martians = 1
</Code>
Run the following commands to set the active kernel parameters:
<Code:bash>
# sysctl -w net.ipv4.conf.all.log_martians=1 
# sysctl -w net.ipv4.conf.default.log_martians=1 
# sysctl -w net.ipv4.route.flush=1
</Code>