The router must protect against or limit the effects of denial of service attacks.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000191-RTR-000079 | SRG-NET-000191-RTR-000079 | SRG-NET-000191-RTR-000079_rule | High |
| Description |
|---|
| A router experiencing a DoS attack will not be able to handle production traffic load. The high utilization and CPU load caused by a DoS attack will also have an effect on control keep-alives and timers used for neighbor peering resulting in route flapping and eventually black hole production traffic. The device must be configured to thwart, counter, or prevent such attacks. |
| STIG | Date |
|---|---|
| Router Security Requirements Guide | 2013-07-30 |
Details
| Check Text ( C-SRG-NET-000191-RTR-000079_chk ) |
|---|
| Verify the router includes configurations that limit or protect against the effects of denial of service attacks (e.g., multiple/distributed routers, load balancers, increasing log capacity, and/or service redundancy). If the router is not configured to protect against or limit the effects of denial of service attacks, this is a finding. |
| Fix Text (F-SRG-NET-000191-RTR-000079_fix) |
|---|
| Configure the router to protect against or limit the effects of denial of service attacks by implementing risk mitigation solutions (e.g., multiple/distributed routers, load balancers, increasing log capacity, and/or providing service redundancy). |