Help Central | G5 Cyber Security
Security Hardening
TNS BestPractice Citrix Hypervisor

Disable promiscuous mode on all network interfaces

Gavin M. Dennis

22 April 2022 02:45

Details

In promiscuous mode all packets received will be processed by the host or VM, which could expose confidential information.

Solution

Run the following command for each physical interface (pif), especially those that will host VM guests:

xe pif-param-set uuid= other-config:promiscuous='off'

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.

References

800-53|CM-7b.
CSCv6|9.1

Source

Tenable.com/audits

PS. Before you go.

Request a quote to protect your organisation from cyber attacks and breaches.

Was this article helpful?

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.

Articles in this section

Administrative actions are logged
All network interfaces are operating in full-duplex mode
Auto-start is not enabled
Disable promiscuous mode on all network interfaces
Disallow unplug detection on the storage network interface
Enable only necessary and secure services, protocols, daemons - 'lwsmd'
Enable only necessary and secure services, protocols, daemons - 'snapwatchd'
Enable only necessary and secure services, protocols, daemons - 'sshd'
Enable port locking by default on the VM guest network
Enable QoS on all VM guests