From Firewall Security Technical Implementation Guide - Cisco
Part of Firewall must block loopback address
Associated with IA controls: ECSC-1
The loopback address is used by an Inter-Processor Control (IPC) mechanism that enables the client and server portion of an application running on the same machine to communicate, and so it is trusted. It should never be used as the source IP address of an inbound or outbound transmission.
Review the device configuration to determine if filters are in place to block loopback addresses. If loopback addresses are not being filtered by the firewall, this is a finding.
Establish filters to block any attempt from the firewall or any network to pass any packets claiming to be from a loopback address.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer