UCF STIG Viewer Logo

System must provide protection for the TCP stack against connection resets, SYN and data injection attacks.


Overview

Finding ID Version Rule ID IA Controls Severity
V-29497 GEN000000-AIX0220 SV-38701r1_rule ECSC-1 Medium
Description
The tcp_tcpsecure parameter provides protection for TCP connections from fake SYN's, fake RST, and data injections on established connections. The first vulnerability involves sending a fake SYN to an established connection to abort the connection. The second vulnerability involves sending a fake RST to an established connection to abort the connection. The third vulnerability involves injecting fake data in an established TCP connection.
STIG Date
Draft AIX Security Technical Implementation Guide 2011-08-17

Details

Check Text ( C-37797r1_chk )
Check the value of the tcp_tcpsecure parameter.

# /usr/sbin/no –o tcp_tcpsecure
If the value returned is not 7, this is a finding.
Fix Text (F-33055r1_fix)
Set the tcp_tcpsecure parameter to 7.

# /usr/sbin/no –p –o tcp_tcpsecure=7