Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-22419 | GEN003612 | SV-38803r1_rule | ECSC-1 | Medium |
Description |
---|
A TCP SYN flood attack can cause Denial of Service by filling a system's TCP connection table with connections in the SYN_RCVD state. Syncookies are a mechanism used to not track a connection until a subsequent ACK is received, verifying the initiator is attempting a valid connection and is not a flood source. This technique does not operate in a fully standards-compliant manner, but is only activated when a flood condition is detected, and allows defense of the system while continuing to service valid requests. |
STIG | Date |
---|---|
AIX 5.3 Security Technical Implementation Guide | 2013-03-26 |
Check Text ( C-37259r1_chk ) |
---|
# /usr/sbin/no -o clean_partial_conns If the value returned is not 1, this is a finding. |
Fix Text (F-32500r1_fix) |
---|
#/usr/sbin/no -p -o clean_partial_conns=1 |