
The IDPS must restrict the ability of users to launch DoS attacks against other information systems or networks.


Overview

Finding ID: V-34707
Version: SRG-NET-000192-IDPS-00140
Rule ID: SV-45593r1_rule
IA Controls:
Severity: Medium
Description
The IDPS must prevent users from using the IDPS components to launch a DoS attack. Mechanisms that throttle traffic and resources, so that attackers cannot generate unlimited traffic via the IDPS application, can assist in this effort. Sensor log capacity management, along with techniques that prevent the logging of redundant information during an attack, also guards against DoS attacks.
STIG: Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide
Date: 2012-11-19

Details

Check Text (C-42952r1_chk)
Review the IDPS documentation and configuration to determine if the system restricts the ability of users or systems to launch DoS attacks against other information systems or networks from the IDPS components themselves.

If the IDPS is not configured to restrict this ability, this is a finding.
Fix Text (F-38991r1_fix)
Configure the IDPS to restrict the ability of users or other systems to launch DoS attacks against other information systems or networks from the IDPS components.