VMware Aria Operations 8.17.1

8.18 8.17.1 8.16 8.14 8.12
简体中文 Deutsch Español Français 日本語 한국어 繁體中文 English

Configure the Host System to Log IPv4 Martian Packets

As a security best practice, verify that the host system logs IPv4 Martian packets. Martian packets contain addresses that the system knows to be invalid. Configure the host system to log the messages so that you can identify misconfigurations or attacks in progress.
  1. Run the
    # grep [01] /proc/sys/net/ipv4/conf/*/log_martians|egrep "default|all"
     command to check whether the host logs IPv4 Martian packets.
  2. Configure the host system to log IPv4 Martian packets.
    1. Open the
      /etc/sysctl.conf
       file to configure the host system.
    2. If the values are not set to
      1
      , add the following entries to the file or update the existing entries accordingly. Set the value to
      1
      . 
      net.ipv4.conf.all.log_martians=1 
net.ipv4.conf.default.log_martians=1
    3. Save the changes and close the file.
    4. Run
      # sysctl -p
       to apply the configuration.

Content feedback and comments