The operating system must manage excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of denial of service attacks.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-47899 | SOL-11.1-090280 | SV-60771r1_rule | Medium |
| Description |
|---|
| In the case of denial of service attacks, care must be taken when designing the operating system so as to ensure that the operating system makes the best use of system resources. |
| STIG | Date |
|---|---|
| Solaris 11 X86 Security Technical Implementation Guide | 2019-12-18 |
Details
| Check Text ( C-50335r1_chk ) |
|---|
| Ask the operator if Solaris 11 resource controls are configured limiting user memory, process table slots, network bandwidth, and threads utilization If resource controls are not implemented to limit user memory usage, process table slots, network bandwidth, and/or threads utilization, this is a finding. |
| Fix Text (F-51511r1_fix) |
|---|
| Use Solaris 11 projects and resource controls to limit the amount of memory and CPU resources available to users and applications. |