The IPS must enforce strict adherence to protocol format.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000200-IDPS-000207 | SRG-NET-000200-IDPS-000207 | SRG-NET-000200-IDPS-000207_rule | Medium |
| Description |
|---|
| Crafted packets not conforming to Institute of Electrical and Electronics Engineers (IEEE) standards can be used by malicious people to exploit a host's protocol stack to create a Denial of Service (DoS) or force a device reset, bypass security gateway filtering, or compromise a vulnerable device. It is imperative these packets are recognized and discarded at the network perimeter. |
| STIG | Date |
|---|---|
| IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Details
| Check Text ( C-43366_chk ) |
|---|
| Inspect the rules installed on the IPS. Verify signatures exist that monitor for valid formation of protocol formats. Verify an enforcement action is taken for disallowed or malformed protocols. If signatures that monitor and validate protocol formats are not installed, this is a finding. |
| Fix Text (F-43366_fix) |
|---|
| Implement rules to monitor and validate protocol formats. |