Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The IDPS must use organizationally defined replay-resistant authentication mechanisms for network access to privileged accounts.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000146-IDPS-000135 | SRG-NET-000146-IDPS-000135 | SRG-NET-000146-IDPS-000135_rule | Medium |
| Description |
|---|
| All authentication credentials must be maintained on an authentication server. Messages between the authenticator and the IDPS validating user credentials must not be vulnerable to a replay attack possibly enabling an unauthorized user to gain access to any IDPS. A replay attack is a form of a network attack in which a valid session or series of IP packets is intercepted by a malicious user who at a later time transmits the packets to gain access to the target device. |
| STIG | Date |
|---|---|
| IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Details
| Check Text ( C-43271_chk ) |
|---|
| Verify the configuration for the management console and sensors requires access by a DoD approved replay-resistant authentication method, such as DoD PKI, SecureID, or DoD Alternate Token. If DoD PKI, SecureID, or DoD Alternate Token is not used for authentication, this is a finding. |
| Fix Text (F-43271_fix) |
|---|
| Configure local accounts to use DoD approved, replay resistant authentication mechanisms for access to the IDPS. Approved methods are DoD PKI, SecureID, or DoD Alternate Token. |