Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
SRG-NET-000019-RTR-000007 | SRG-NET-000019-RTR-000007 | SRG-NET-000019-RTR-000007_rule | | Medium |
Description |
---|
An inactive interface is rarely monitored or controlled and may expose a network to an undetected attack through that interface. Disgruntled or unsatisfied employees are an insider threat and may launch attacks against DoD computer systems from within the network. Unauthorized personnel with access to the communication facility could gain administrative access to a router by connecting to a configured interface that is not in use. If unauthorized personnel gain access to the router through an unsecured router interface, they could obtain administrative privileges and cause disruptions, disable links, or create denial-of-service conditions. |
STIG | Date |
---|---|
Router Security Requirements Guide | 2013-07-30 |
Check Text (C-SRG-NET-000019-RTR-000007_chk) |
---|
Verify inactive interfaces on the router or multilayer switch are disabled. If there are any inactive interfaces enabled on the router or multilayer switch, this is a finding. |
Fix Text (F-SRG-NET-000019-RTR-000007_fix) |
---|
Remove subinterfaces and disable any inactive ports on the router or multilayer switch. |
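
One way to automate the check above is shown here as an added example; it is not part of the SRG. The SRG is vendor-neutral, so the Cisco IOS-style `show ip interface brief` output, the rule "line protocol down means inactive", and the `approved` exception list are all assumptions of this example.

```python
# Added example: flag enabled-but-inactive interfaces from interface status output.
# Assumption: Cisco IOS-style "show ip interface brief" columns. The sample
# below is constructed for illustration, not captured from a real device.
SAMPLE = """\
Interface              IP-Address      OK? Method Status                Protocol
GigabitEthernet0/0     192.0.2.1       YES NVRAM  up                    up
GigabitEthernet0/1     unassigned      YES NVRAM  down                  down
GigabitEthernet0/1.10  unassigned      YES unset  down                  down
GigabitEthernet0/2     unassigned      YES NVRAM  administratively down down
Loopback0              198.51.100.1    YES NVRAM  up                    up
"""


def parse_brief(text):
    """Parse status rows into dicts; the Status column may be two words."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 6 or fields[0] == "Interface":
            continue  # skip the header and blank or truncated lines
        rows.append({
            "name": fields[0],
            "ip": fields[1],
            "status": " ".join(fields[4:-1]),  # e.g. "administratively down"
            "protocol": fields[-1],
        })
    return rows


def findings(rows, approved=()):
    """Return (interface, action) for inactive interfaces that are still enabled.

    approved (hypothetical parameter): interfaces documented as in use even
    though they are currently down, such as a standby link.
    """
    result = []
    for row in rows:
        if row["status"] == "administratively down":
            continue  # already disabled: compliant
        if row["protocol"] == "up" or row["name"] in approved:
            continue  # carrying traffic, or a documented exception
        # Fix text: remove subinterfaces, disable inactive physical ports.
        action = "remove subinterface" if "." in row["name"] else "disable port"
        result.append((row["name"], action))
    return result


if __name__ == "__main__":
    for name, action in findings(parse_brief(SAMPLE)):
        print(f"FINDING: {name} is enabled but inactive -> {action}")
```

Link state alone does not prove an interface is unused, so compare the flagged interfaces against the site's documented port assignments before disabling anything.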