Accepting "secure" ICMP redirects (those from gateways listed in the default gateways list) should be enabled or disabled for all interfaces as appropriate. enabled / disabled via sysctl - net.ipv4.conf.all.secure_redirects Section: 2.5.1.2, Value: disabled oval:gov.nist.usgcb.rhel:def:20117 HIPAA/HITECH Act Jericho Forum BITS Shared Assessments SIG v6.0 FedRAMP Security Controls(Final Release Jan 2012)--LOW IMPACT LEVEL-- ISO/IEC 27001-2005 COBIT 4.1 GAPP (Aug 2009) NERC CIP NIST SP800-53 R3 AC-4 NIST SP800-53 R3 CM-7 PCIDSS v2.0 FedRAMP Security Controls(Final Release Jan 2012)--MODERATE IMPACT LEVEL-- BITS Shared Assessments AUP v5.0 Guide to the Secure Configuration of Red Hat Enterprise Linux 5 NSA 2007-10-31 Prose(pdf) SCAP Repo OVAL Definition 2012-08-24 HIPAA/HITECH Act 2012-10-12 Jericho Forum 2012-10-12 BITS Shared Assessments SIG v6.0 2012-10-12 ISO/IEC 27001-2005 2012-10-12 COBIT 4.1 2012-10-12 GAPP (Aug 2009) 2012-10-12 NERC CIP 2012-10-12 NIST SP800-53 R3 2012-10-12 PCIDSS v2.0 2012-10-12 BITS Shared Assessments AUP v5.0 2012-10-12