Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-5616 | NET0726 | SV-5616r3_rule | ECSC-1 | Low |
Description |
---|
Identification support allows one to query a TCP port for identification. This feature enables an unsecured protocol to report the identity of a client initiating a TCP connection and a host responding to the connection. With identification support, one can connect to a TCP port on a host, issue a simple text string to request information, and receive a simple text-string reply. This is another mechanism to learn the router vendor, model number, and software version being run. |
STIG | Date |
---|---|
Perimeter Router Security Technical Implementation Guide Cisco | 2016-01-04 |
Check Text ( C-3562r5_chk ) |
---|
Review the device configuration to verify that identification support is not enabled via the "ip identd" global command. It is disabled by default. If identification support is enabled, this is a finding. |
Fix Text (F-5527r5_fix) |
---|
Configure the device to disable identification support. |
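
An added example (not part of the STIG or of any Cisco tooling) of the check above, run against a saved configuration: it reports a finding when the global "ip identd" command is present and not later negated. The sample configurations and hostnames are constructed, and banner bodies are assumed not to contain a line that begins with the command.

```python
import re

# Global command, optionally negated with the standard IOS "no" prefix.
_IDENTD = re.compile(r"^(no\s+)?ip\s+identd\b", re.IGNORECASE)


def audit_identd(config_text):
    """Return (is_finding, evidence) for a saved IOS configuration.

    Only unindented lines are examined: "ip identd" is a global command,
    and indented lines belong to interface/line sub-modes. The last
    matching line decides the state, as it would when the config is loaded.
    """
    enabled = False  # disabled by default, per the check text
    evidence = []
    for lineno, raw in enumerate(config_text.splitlines(), start=1):
        line = raw.rstrip()
        if not line or line.startswith("!") or line[0].isspace():
            continue  # blank, comment/separator, or sub-mode line
        match = _IDENTD.match(line)
        if match:
            enabled = match.group(1) is None  # a "no" prefix disables it
            evidence.append((lineno, line))
    return enabled, evidence


# Constructed sample configurations (not taken from a real device).
SAMPLE_FINDING = """\
hostname edge-rtr-01
!
ip identd
!
interface GigabitEthernet0/0
 description uplink (text mentioning ip identd is ignored)
 ip address 192.0.2.1 255.255.255.0
!
end
"""

SAMPLE_CLEAN = """\
hostname edge-rtr-02
!
no ip identd
!
end
"""

if __name__ == "__main__":
    for name, cfg in (("finding", SAMPLE_FINDING), ("clean", SAMPLE_CLEAN)):
        is_finding, lines = audit_identd(cfg)
        print(name, "FINDING" if is_finding else "not a finding", lines)
```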