UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The router administrator will ensure a password is required to gain access to the router's diagnostics port.


Overview

Finding ID Version Rule ID IA Controls Severity
V-4583 NET0580 SV-4583r1_rule Low
Description
If unauthorized users gain access to the routers diagnostic port, it is possible to disrupt service.
STIG Date
Perimeter Router Security Technical Implementation Guide Juniper 2018-02-27

Details

Check Text ( C-3506r1_chk )
IOS Procedure: N/A A Cisco router does not have a diagnostics port.

JUNOS Procedure: Review the router configuration to ensure a password is required when gaining access to the diagnostics port similar to the following:
[edit system]
diag-port-authentication {
encrypted-password "xxxxxxxxxxxxx"; # SECRET-DATA
}
Fix Text (F-4516r1_fix)
The router administrator will ensure that a password is required to access the routers diagnostic port.