Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The IAO/NSO will implement tcp intercept features provided by the router or implement a filter to rate limit tcp syn to protect servers from any TCP SYN flood attacks from an outside network.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-3165 | NET0960 | SV-16143r1_rule | ECSC-1 | Medium |
| Description |
|---|
| The TCP SYN attack involves transmitting a volume of connections that cannot be completed at the destination. This attack causes the connection queues to fill up, thereby denying service to legitimate TCP users. |
| STIG | Date |
|---|---|
| Perimeter Router Security Technical Implementation Guide Cisco | 2015-07-01 |
Details
| Check Text ( C-3603r2_chk ) |
|---|
| Review the device configuration to determine if TCP Intercept has been configured to mitigate TCP SYN Flood attacks. If TCP Intercept has not been implemented, this is a finding. |
| Fix Text (F-3190r2_fix) |
|---|
| Configure the device to use TCP Intercept to protect against TCP SYN attacks from outside the network. |