Check: TIPP-NM-000011
Trend Micro TippingPoint NDM STIG: TIPP-NM-000011 (in versions v2 r2 through v1 r1)
Title
The TippingPoint SMS must limit total number of user sessions for privileged uses to a maximum of 10. (Cat III impact)
Discussion
Device management includes the ability to control the number of administrators and management sessions that manage a device. Limiting the number of currently allowed administrator sessions is a best practice that lowers the risk of DoS attacks.
Check Content
1. Log in to the SMS client.
2. Select >> "Edit" >> "Preferences". Select "Security" under "Session Preferences".
3. Verify the setting for the "limit number of total and user sessions" option is checked.
4. Verify the active sessions allowed on SMS option has a numeric value of 10 or less.
If the TippingPoint SMS does not limit total number of user sessions for privileged uses to a maximum of 10, this is a finding.
Fix Text
1. Log in to the SMS client.
2. Select >> "Edit" >> "Preferences". Select "Security" under "Session Preferences". Click the check box for "Limit number of total and user sessions".
3. Type 10 or less for the number of active sessions allowed on SMS.
4. Click OK.
Additional Identifiers
Rule ID: SV-242232r960735_rule
Vulnerability ID: V-242232
Group Title: SRG-APP-000001-NDM-000200
CCIs
Number | Definition |
---|---|
CCI-000054 | Limit the number of concurrent sessions for each organization-defined account and/or account type to an organization-defined number. |
Controls
Number | Title |
---|---|
AC-10 | Concurrent Session Control |