The IDPS administrator will ensure LAND DoS signature has been implemented to protect the enclave.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-19250 | NET-IDPS-012 | SV-21161r1_rule | EBBD-1 | Medium |
| Description |
|---|
| The LAND attack is a denial-of-service (DoS) attack in which an attacker sends a TCP packet (with the SYN bit set) to a system in which the source and destination IP address (along with the source and destination port) are the same. When it was first discovered, many IP stacks crashed the system when they received a LAND attack. |
| STIG | Date |
|---|---|
| IDS/IPS Security Technical Implementation Guide | 2013-10-08 |
Details
| Check Text ( C-23279r1_chk ) |
|---|
| Verify the IDPS protects against DoS LAND attacks. An effective implementation is the use of an Atomic attack signature that looks at a single packet, because State information ( tracking established connections) is not necessary in identifying this attack. |
| Fix Text (F-19909r1_fix) |
|---|
| Implement IDPS signatures that protect against LAND attacks. |