Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-3165 | NET0960 | SV-16143r1_rule | ECSC-1 | Medium |
Description |
---|
The TCP SYN attack involves transmitting a volume of connections that cannot be completed at the destination. This attack causes the connection queues to fill up, thereby denying service to legitimate TCP users. |
STIG | Date |
---|---|
Perimeter Router Security Technical Implementation Guide Cisco | 2015-04-06 |
Check Text ( C-3603r2_chk ) |
---|
Review the device configuration to determine if TCP Intercept has been configured to mitigate TCP SYN Flood attacks. If TCP Intercept has not been implemented, this is a finding. |
Fix Text (F-3190r2_fix) |
---|
Configure the device to use TCP Intercept to protect against TCP SYN attacks from outside the network. |