Check: RCKS-RTR-000160
RUCKUS ICX Router STIG: RCKS-RTR-000160 (in version v1 r1)
Title
The RUCKUS ICX router must be configured to have all inactive interfaces disabled. (Cat III impact)
Discussion
An inactive interface is rarely monitored or controlled and may expose a network to an undetected attack on that interface. Unauthorized personnel with access to the communication facility could gain access to a router by connecting to a configured interface that is not in use. If an interface is no longer used, the configuration must be deleted and the interface disabled. For sub-interfaces, delete sub-interfaces that are on inactive interfaces and delete sub-interfaces that are themselves inactive. If the sub-interface is no longer necessary for authorized communications, it must be deleted.
Check Content
Review the router configuration and verify inactive interfaces are disabled:

interface ethernet 1/1/11
 disable
!

If inactive interfaces are not disabled, this is a finding.
Fix Text
Disable inactive interfaces:

interface ethernet 1/1/11
 disable
!
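The check above can be run offline against a saved configuration. The following is an added example, not part of the STIG or of RUCKUS tooling: it assumes a site-maintained list of inactive ports (hypothetical), a constructed sample configuration in the stanza layout shown above (the port-name lines are sample settings), and that a listed port with no stanza is not disabled. It also flags disabled ports that still carry settings, since the Discussion calls for the configuration of unused interfaces to be deleted.

```python
import re

# Constructed sample in the stanza layout the check text shows; not from a real device.
SAMPLE_CONFIG = """\
interface ethernet 1/1/1
 port-name uplink
!
interface ethernet 1/1/11
 disable
!
interface ethernet 1/1/12
 port-name spare
!
interface ethernet 1/1/14
 port-name old-lab
 disable
!
"""
INACTIVE_PORTS = ["1/1/11", "1/1/12", "1/1/13", "1/1/14"]  # hypothetical site inventory
STANZA_START = re.compile(r"^interface ethernet (\S+)$")

def parse_interfaces(config_text):
    """Map each ethernet interface id to the list of settings in its stanza."""
    stanzas, current = {}, None
    for raw in config_text.splitlines():
        line = raw.strip()
        m = STANZA_START.match(line)
        if m:
            current = stanzas.setdefault(m.group(1), [])
        elif line in ("", "!"):      # "!" closes the stanza
            current = None
        elif current is not None:
            current.append(line)
    return stanzas

def audit_inactive(config_text, inactive_ports):
    """Return {port: (level, reason)} for inactive ports that need attention."""
    stanzas, results = parse_interfaces(config_text), {}
    for port in inactive_ports:
        settings = stanzas.get(port)
        if settings is None:         # assumption: no stanza means not disabled
            results[port] = ("finding", "no stanza, so not explicitly disabled")
        elif "disable" not in settings:
            results[port] = ("finding", "stanza present without disable")
        elif settings != ["disable"]:
            results[port] = ("review", "disabled, but leftover settings remain")
    return results
if __name__ == "__main__":
    print(audit_inactive(SAMPLE_CONFIG, INACTIVE_PORTS))
```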
Additional Identifiers
Rule ID: SV-273584r1110889_rule
Vulnerability ID: V-273584
Group Title: SRG-NET-000019-RTR-000007
CCIs
Number | Definition |
---|---|
CCI-001414 | Enforce approved authorizations for controlling the flow of information between connected systems based on organization-defined information flow control policies. |
Controls
Number | Title |
---|---|
AC-4 | Information Flow Enforcement |