Disable IPv6 if Not in Use Security appliances and firewalls are not always IPv6 aware, meaning that IPv6 traffic is frequently unfiltered and unprotected. If it is not in use, it should be disabled.

networksetup

Run the following command to check if IPv6 is enabled on any network interfaces: sudo networksetup -listallnetworkservices | (while read dev; do echo '$dev'; networksetup -getinfo '$dev' | grep IPv6:; echo ; done) If there is an enabled network interface without the setting 'IPv6: Off' and it does not require IPv6, this is a finding.