Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-14672 | NET0897 | SV-15336r3_rule | ECSC-1 | Low |
Description |
---|
Using a loopback address as the source address offers a multitude of uses for security, access, management, and scalability of routers. It is easier to construct appropriate ingress filters for router management plane traffic destined to the network management subnet since the source addresses will be from the range used for loopback interfaces instead of a larger range of addresses used for physical interfaces. Log information recorded by authentication and syslog servers will record the router's loopback address instead of the numerous physical interface addresses. TACACS+, RADIUS messages sent to management servers should use the loopback address as the source address. |
STIG | Date |
---|---|
Infrastructure Router Security Technical Implementation Guide | 2017-06-27 |
Check Text ( C-12802r5_chk ) |
---|
Review the device configuration and determine if authentication services are using the loopback or OOB management interface as the source address. If the loopback or OOB management interface isn't being used as the source address for authentications services, this is a finding. |
Fix Text (F-14134r5_fix) |
---|
Configure the device to use its loopback or OOB management interface address as the source address when originating authentication services traffic. |