The network element must restrict the ability of users to launch Denial of Service (DoS) attacks against other information systems or networks.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-27395 | SRG-NET-000192 | SV-34703r1_rule | Medium |
| Description |
|---|
| A network element experiencing a DoS attack will not be able to handle production traffic load. The high utilization and CPU caused by a DoS attack will also have an effect on control keep-alives and timers used for neighbor peering resulting in route flapping and eventually black hole production traffic. The device must be configured to block such attacks. |
| STIG | Date |
|---|---|
| Network Security Requirements Guide | 2011-12-28 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (None) |
|---|
| None |