The network device must identify and respond to potential security-relevant error conditions.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000272-NDM-000184	SRG-NET-000272-NDM-000184	SRG-NET-000272-NDM-000184_rule		Medium

Description
Error messages generated by various components and services of the network devices can indicate a possible security violation or breach. The network device must detect and respond to error messages that may be a symptom of a compromise and provide notification. These error messages may be part of the network traffic on segments being monitored. Responses to these conditions include alerts or traffic dropping/blocking. If security-relevant error conditions are not identified by the network device, intrusion attacks may remain undetected, allowing more serious damage to the network.

Description

Error messages generated by various components and services of the network devices can indicate a possible security violation or breach. The network device must detect and respond to error messages that may be a symptom of a compromise and provide notification. These error messages may be part of the network traffic on segments being monitored. Responses to these conditions include alerts or traffic dropping/blocking. If security-relevant error conditions are not identified by the network device, intrusion attacks may remain undetected, allowing more serious damage to the network.

STIG	Date
Network Device Management Security Requirements Guide	2013-07-30

Details

Check Text ( C-SRG-NET-000272-NDM-000184_chk )
Verify the network device identifies and responds to potential security-relevant error conditions. If the network device does not identify and respond to potential security-relevant conditions, this is a finding.

Fix Text (F-SRG-NET-000272-NDM-000184_fix)
Configure the system to identify and respond to potential security-relevant error conditions.