Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-89897 | VRAU-TC-000045 | SV-100547r1_rule | Medium |
Description |
---|
KeepAlive provides long-lived HTTP sessions that allow multiple requests to be sent over the same connection. Enabling KeepAlive mitigates the effects of several types of denial-of-service attacks. An advantage of KeepAlive is the reduced latency in subsequent requests (no handshaking). However, a disadvantage is that server resources are not available to handle other requests while a connection is maintained between the server and the client. tc Server can be configured to limit the number of subsequent requests that one client can submit to the server over an established connection. This limit helps provide a balance between the advantages of KeepAlive, while not allowing any one connection being held too long by any one client. maxKeepAliveRequests is the tc Server attribute that sets this limit. |
STIG | Date |
---|---|
VMware vRealize Automation 7.x tc Server Security Technical Implementation Guide | 2018-10-12 |
Check Text ( C-89589r1_chk ) |
---|
Navigate to and open /etc/vcac/server.xml. Navigate to the If the value of "maxKeepAliveRequests" is not set to "15" or is missing, this is a finding. |
Fix Text (F-96639r1_fix) |
---|
Navigate to and open /etc/vcac/server.xml. Navigate to the Configure the |