V-220797
CAT IIIThe system must be configured to prevent Internet Control Message Protocol (ICMP) redirects from overriding Open Shortest Path First (OSPF) generated routes.
- Ships Affected
- 1
- Total Findings
- 4
- Open
- 0
- Closed
- 4
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding:
Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: \SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\
Value Name: EnableICMPRedirect
Value Type: REG_DWORD
Value: 0
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> MSS (Legacy) >> "MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes" to "Disabled".
This policy setting requires the installation of the MSS-Legacy custom templates included with the STIG package. "MSS-Legacy.admx" and " MSS-Legacy.adml" must be copied to the \Windows\PolicyDefinitions and \Windows\PolicyDefinitions\en-US directories respectively.
STIG Reference
- STIG
- Microsoft Windows 10 Security Technical Implementation Guide
- Version
- 3
- Release
- 6
- Rule ID
- SV-220797r991589_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| USNS MONTFORD POINT | T-ESD-1 | MONT-SW-89134_Win10_V3R5_20251217-201218.ckl | Unassigned | 2026-03-04T15:25:42.339596 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | MONT-SW-89108_Win10_V3R5_20251217-203019.ckl | Unassigned | 2026-03-04T15:25:16.342077 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_Win10_V3R4_20251023-141133.ckl | Unassigned | 2026-01-14T12:57:28.689048 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_Win10_V3R4_20251023-142421.ckl | Unassigned | 2026-01-14T12:57:26.690022 | View in Context |