Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The firewall implementation must protect against "Ping of Death" (oversized ICMP echo request) attacks.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000362-FW-000232 | SRG-NET-000362-FW-000232 | SRG-NET-000362-FW-000232_rule | Medium |
| Description |
|---|
| Denial of Service is a condition when a resource is not available for legitimate users. The "Ping of Death" is a malformed (oversized) ICMP echo request. An oversized ICMP echo request packet can cause a variety of adverse reactions such as crashing, freezing, or rebooting. This results in a denial of service. |
| STIG | Date |
|---|---|
| Firewall Security Requirements Guide | 2014-07-07 |
Details
| Check Text ( C-SRG-NET-000362-FW-000232_chk ) |
|---|
| Review the configuration of the firewall implementation. If measures have been configured to negate or mitigate the effects of a Ping of Death attack, this is not a finding. |
| Fix Text (F-SRG-NET-000362-FW-000232_fix) |
|---|
| Configure measures to block oversized ICMP echo request packets. |