The TippingPoint SMS must disable auto reconnect after disconnect.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-242233 | TIPP-NM-000012 | SV-242233r710706_rule | Low |
| Description |
|---|
| Device management includes the ability to control the number of administrators and management sessions that manage a device. Requiring authentication for auto reconnecting expired administrator sessions is a best practice that lowers the risk of DoS attacks. |
| STIG | Date |
|---|---|
| Trend Micro TippingPoint NDM Security Technical Implementation Guide | 2021-06-09 |
Details
| Check Text ( C-45508r710704_chk ) |
|---|
| 1. Log in to the SMS client. 2. Select >> "Edit" >> "Preferences". Select "Security" Under "Client Preferences". 3. Verify the option for "Auto reconnect client to server after a disconnect occurs" is unchecked. If the TippingPoint SMS does not disable auto reconnect after disconnect, this is a finding. |
| Fix Text (F-45466r710705_fix) |
|---|
| 1. Log in to the SMS client. 2. Select >> "Edit" >> "Preferences". Select "Security" Under "Client Preferences". Uncheck "Auto reconnect client to server after a disconnect occurs". 3. Click OK. |