UCF STIG Viewer Logo

TCP backlog queue sizes must be set appropriately.


Overview

Finding ID Version Rule ID IA Controls Severity
V-23741 GEN003601 SV-38796r1_rule ECSC-1 Medium
Description
To provide some mitigation to TCP DoS attacks, the clear_partial_conns parameter must be enabled.
STIG Date
Draft AIX Security Technical Implementation Guide 2011-08-17

Details

Check Text ( C-37228r1_chk )
# /usr/sbin/no –o clean_partial_conns
If the value returned is 0, this is a finding.
Fix Text (F-32491r1_fix)

# /usr/sbin/no –po clean_partial_conns=1