Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-203654 | SRG-OS-000126-GPOS-00066 | SV-203654r557209_rule | Medium |
Description |
---|
If a maintenance session or connection remains open after maintenance is completed, it may be hijacked by an attacker and used to compromise or damage the system. Some maintenance and test tools are either standalone devices with their own operating systems or are applications bundled with an operating system. Nonlocal maintenance and diagnostic activities are those activities conducted by individuals communicating through a network, either an external network (e.g., the Internet) or an internal network. Local maintenance and diagnostic activities are those activities carried out by individuals physically present at the information system or information system component and not communicating across a network connection. |
STIG | Date |
---|---|
General Purpose Operating System Security Requirements Guide | 2023-12-01 |
Check Text ( C-3779r557207_chk ) |
---|
Verify the operating system terminates all sessions and network connections related to nonlocal maintenance when nonlocal maintenance is completed. If it does not, this is a finding. |
Fix Text (F-3779r557208_fix) |
---|
Configure the operating system to terminate all sessions and network connections related to nonlocal maintenance when nonlocal maintenance is completed. |