An error occurred:

Check: TIPP-NM-000012

Trend Micro TippingPoint NDM STIG: TIPP-NM-000012 (in versions v2 r2 through v1 r1)

Title

The TippingPoint SMS must disable auto reconnect after disconnect. (Cat III impact)

Discussion

Device management includes the ability to control the number of administrators and management sessions that manage a device. Requiring authentication for auto reconnecting expired administrator sessions is a best practice that lowers the risk of DoS attacks.

Check Content

1. Log in to the SMS client. 2. Select >> "Edit" >> "Preferences". Select "Security" Under "Client Preferences". 3. Verify the option for "Auto reconnect client to server after a disconnect occurs" is unchecked. If the TippingPoint SMS does not disable auto reconnect after disconnect, this is a finding.

Fix Text

1. Log in to the SMS client. 2. Select >> "Edit" >> "Preferences". Select "Security" Under "Client Preferences". Uncheck "Auto reconnect client to server after a disconnect occurs". 3. Click OK.

Additional Identifiers

Rule ID: SV-242233r960735_rule

Vulnerability ID: V-242233

Group Title: SRG-APP-000001-NDM-000200

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000054

Limit the number of concurrent sessions for each organization-defined account and/or account type to an organization-defined number.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AC-10

Concurrent Session Control