The system must not respond to broadcast ICMP echo requests.
            
                
        
            Overview
            
                
                    
                        
                            | Finding ID | Version | Rule ID | IA Controls | Severity | 
                        
                            | V-216135 | SOL-11.1-050050 | SV-216135r959010_rule |  | Medium | 
                    
                    
                        | Description | 
                        | ICMP echo requests can be useful for reconnaissance of systems and for denial of service attacks. | 
                    
                    
                 
             
         
        
            Details
            
                
                    
                        | Check Text (C-17373r372787_chk) | 
                        | Determine if ICMP echo requests response is disabled. 
 # ipadm show-prop -p _respond_to_echo_broadcast -co current ip
 
 If the output of this command is not "0", this is a finding.
 | 
                    
                    
                        | Fix Text (F-17371r372788_fix) | 
                        | The Network Management profile is required. 
 Disable respond to echo broadcast.
 
 # pfexec ipadm set-prop -p _respond_to_echo_broadcast=0 ip
 |