RepoMirrors
/
osquery-defense-kit
mirror of https://github.com/chainguard-dev/osquery-defense-kit
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
osquery-defense-kit/incident_response/ip_forwarding.sql

9 lines
283 B
SQL
Raw Blame History

-- Retrieves the current status of IP/IPv6 forwarding.
--
-- interval: 3600
-- platform: posix
-- value: Identify if a machine is being used as relay.
-- version: 1.4.5
select * from system_controls where oid = '4.30.41.1' union select * from system_controls where oid = '4.2.0.1';
Reference in New Issue View Git Blame Copy Permalink