Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
SRG-NET-000362-FW-000230 | SRG-NET-000362-FW-000230 | SRG-NET-000362-FW-000230_rule | Medium |
Description |
---|
Denial of Service is a condition when a resource is not available for legitimate users. A SYN-flood attack is a denial-of-service attack where the attacker sends a huge amount of please-start-a-connection packets and then nothing else. This causes the device being attacked to be overloaded with the open sessions and eventually crash. |
STIG | Date |
---|---|
Firewall Security Requirements Guide | 2014-07-07 |
Check Text ( C-SRG-NET-000362-FW-000230_chk ) |
---|
Review the configuration of the firewall implementation. If measures have been configured to negate or mitigate the effects of a SYN flood attack, this is not a finding. If the site has implemented SYN flood protection for the enclave using the premise router, then there is no additional requirement to implement this on the firewall. |
Fix Text (F-SRG-NET-000362-FW-000230_fix) |
---|
Configure measures to negate or mitigate the effects of a SYN flood attack. |