Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The LAND DoS signature must be implemented to protect the enclave.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000244-IDPS-000231 | SRG-NET-000244-IDPS-000231 | SRG-NET-000244-IDPS-000231_rule | Medium |
| Description |
|---|
| The LAND attack is a DoS attack in which an attacker sends a TCP packet (with the SYN bit set) to a system in which the source and destination IP address (along with the source and destination port) are the same. If network traffic is not protected against this type of attack, this may cause a DoS on the network. An effective implementation is the use of an Atomic attack signature that looks at a single packet, because State information (tracking established connections) is not necessary in identifying this attack. |
| STIG | Date |
|---|---|
| IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Details
| Check Text ( C-43395_chk ) |
|---|
| Review the configuration and verify signatures are installed to protect against TCP SYN Flood attacks. If sensors are not configured with signatures that protect against LAND, this is a finding. |
| Fix Text (F-43395_fix) |
|---|
| Download and install signatures designed to protect against LAND attacks. |