Check: GEN000000-AIX0220
AIX 5.3 STIG: GEN000000-AIX0220 (in version v1 r3)
Title
The system must provide protection for the TCP stack against connection resets, SYN, and data injection attacks. (Cat II impact)
Discussion
The tcp_tcpsecure parameter protects TCP connections against fake SYNs, fake RSTs, and data injection on established connections. The first vulnerability involves sending a fake SYN to an established connection to abort the connection. The second vulnerability involves sending a fake RST to an established connection to abort the connection. The third vulnerability involves injecting fake data into an established TCP connection.
Check Content
Check the value of the tcp_tcpsecure parameter.
# /usr/sbin/no -o tcp_tcpsecure
If the value returned is not 7, this is a finding.
Fix Text
Set the tcp_tcpsecure parameter to 7.
# /usr/sbin/no -p -o tcp_tcpsecure=7
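An added example, not part of the STIG text: a POSIX shell check that parses the `no -o tcp_tcpsecure` output and, when the value is not 7, reports which of the three protections is switched off. The bit meanings (1, 2, 4) are taken from IBM's documentation for the `no` tunable rather than from this page; the function names and the sample output line are constructed for illustration.

```shell
#!/bin/sh
# Bit meanings (1 = fake SYN, 2 = fake RST, 4 = data injection) follow IBM's
# documentation for the `no` tunable; they are an assumption, not from this page.

# Extract the integer from a line such as "tcp_tcpsecure = 5".
parse_tcpsecure() {
    printf '%s\n' "$1" | sed -n 's/^[[:space:]]*tcp_tcpsecure[[:space:]]*=[[:space:]]*\([0-7]\)[[:space:]]*$/\1/p'
}

# List the protections that are NOT enabled for a given value (0-7).
missing_protections() {
    val=$1; missing=""
    if [ $(( val & 1 )) -eq 0 ]; then missing="$missing fake-SYN"; fi
    if [ $(( val & 2 )) -eq 0 ]; then missing="$missing fake-RST"; fi
    if [ $(( val & 4 )) -eq 0 ]; then missing="$missing data-injection"; fi
    printf '%s' "${missing# }"
}

# Return 0 (compliant) or 1 (finding) for one line of `no -o` output.
evaluate_tcpsecure() {
    val=$(parse_tcpsecure "$1")
    if [ -z "$val" ]; then
        echo "FINDING: could not parse tcp_tcpsecure from: $1"
        return 1
    fi
    if [ "$val" -eq 7 ]; then
        echo "OK: tcp_tcpsecure = 7"
        return 0
    fi
    echo "FINDING: tcp_tcpsecure = $val; missing: $(missing_protections "$val")"
    return 1
}

# On an AIX host use the live value; elsewhere fall back to a constructed sample.
if [ -x /usr/sbin/no ]; then
    line=$(/usr/sbin/no -o tcp_tcpsecure 2>/dev/null)
else
    line="tcp_tcpsecure = 5"   # constructed sample output
fi
evaluate_tcpsecure "$line" || true
```

An unparseable or empty result is treated as a finding, so a failed `no` invocation is never reported as compliant.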
Additional Identifiers
Rule ID: SV-38701r1_rule
Vulnerability ID: V-29497
Group Title:
CCIs
Number | Definition |
---|---|
CCI-000032 | The information system enforces information flow control using organization-defined security policy filters as a basis for flow control decisions for organization-defined information flows. |
Controls
Number | Title |
---|---|
AC-4 (8) | Security Policy Filters |