Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The network element must have identification support disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-5616 | NET0726 | SV-5616r2_rule | ECSC-1 | Low |
| Description |
|---|
| Identification support allows one to query a TCP port for identification. This feature enables an unsecured protocol to report the identity of a client initiating a TCP connection and a host responding to the connection. Identification support can connect a TCP port on a host, issue a simple text string to request information, and receive a simple text-string reply. This is another mechanism to learn the router vendor, model number, and software version being run. |
| STIG | Date |
|---|---|
| Infrastructure Router Security Technical Implementation Guide Cisco | 2013-10-08 |
Details
| Check Text ( C-3562r4_chk ) |
|---|
| IOS Procedure: Review the device configuration to verify that identification support is not enabled via "ip identd" global command. It is disabled by default. |
| Fix Text (F-5527r4_fix) |
|---|
| IOS Procedure: Disable identification support by configuring the global "no ip identd" command. |