UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The Network IDPS administrator will ensure IP hijacking signatures have been implemented with the common default signatures.


Overview

Finding ID Version Rule ID IA Controls Severity
V-18513 NET-IDPS-008 SV-20048r1_rule ECSC-1 Medium
Description
There are a number of publicly available tools that exist to facilitate the hijacking of TCP sessions. An attacker using such tools can determine the TCP sequence and acknowledgement numbers that two hosts are using in a communication session. This information could enable the attacker to take over the legitimate network connection of an authorized user and inject commands into the session. This is particularly serious because most forms of one-time passwords do not prevent this access.
STIG Date
IDS/IPS Security Technical Implementation Guide 2013-10-08

Details

Check Text ( C-21281r1_chk )
Ask the SA to identify the signature that protects against IP hijacking of TCP sessions. Ensure the signature is current.
Fix Text (F-19107r1_fix)
Implement the latest signature from vendor that protects against IP hijacking of TCP sessions.