3.3.3 Ensure IPv6 is disabled (Not Scored)

Level 1 - Server
Level 1 - Workstation 

Although IPv6 has many advantages over IPv4, few organizations have implemented IPv6.

If IPv6 is not to be used, it is recommended that it be disabled to reduce the attack surface of the system.

Run the following command and verify output includes indicated line:

# modprobe -c | grep ipv6 
... 
options ipv6 disable=1 
...

Create the file /etc/modprobe.d/CIS.conf and add the following line:

options ipv6 disable=1
  • centos7/3/3/3.txt
  • Last modified: 2017/05/04 17:26
  • by 127.0.0.1