Check: 3.104
Windows 2003 DC STIG:
3.104
(in version v6 r40)
Title
The system is configured to detect and configure default gateway addresses. (Cat III impact)
Discussion
Enables or disables the Internet Router Discovery Protocol (IRDP) used to detect and configure Default Gateway addresses on the computer.
Check Content
Fix Text
Configure the policy value for Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> “MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)” to “Disabled”.
Additional Identifiers
Rule ID: SV-29365r1_rule
Vulnerability ID: V-4112
Group Title:
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-002385 |
Protect against or limit the effects of organization-defined types of denial-of-service events. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| SC-5 |
Denial of Service Protection |