UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The IAO/NSO will implement tcp intercept features provided by the router or implement a filter to rate limit tcp syn to protect servers from any TCP SYN flood attacks from an outside network.


Overview

Finding ID Version Rule ID IA Controls Severity
V-3165 NET0960 SV-16143r1_rule ECSC-1 Medium
Description
The TCP SYN attack involves transmitting a volume of connections that cannot be completed at the destination. This attack causes the connection queues to fill up, thereby denying service to legitimate TCP users.
STIG Date
Perimeter Router Security Technical Implementation Guide Cisco 2015-07-01

Details

Check Text ( C-3603r2_chk )
Review the device configuration to determine if TCP Intercept has been configured to mitigate TCP SYN Flood attacks.

If TCP Intercept has not been implemented, this is a finding.
Fix Text (F-3190r2_fix)
Configure the device to use TCP Intercept to protect against TCP SYN attacks from outside the network.