Detections
Analytics
GEN000000-AIX0220 - The system must provide protection for the TCP stack against connection resets, SYN, and data injection attacks.
Information
The tcp_tcpsecure parameter provides protection for TCP connections from fake SYN's, fake RST, and data injections on established connections. The first vulnerability involves sending a fake SYN to an established connection to abort the connection. The second vulnerability involves sending a fake RST to an established connection to abort the connection. The third vulnerability involves injecting fake data in an established TCP connection.Solution
Set the tcp_tcpsecure parameter to 7.# /usr/sbin/no -p -o tcp_tcpsecure=7
See Also
http://iasecontent.disa.mil/stigs/zip/U_STIG_Library_2015_07.zip
Item Details
Audit Name: DISA AIX 5.3 STIG v1r2
Category: SYSTEM AND COMMUNICATIONS PROTECTION
References: 800-53|SC-7(12), CAT|II, CCI|CCI-000032, Rule-ID|SV-38701r1_rule, STIG-ID|GEN000000-AIX0220, Vuln-ID|V-29497
Plugin: Unix
Control ID: f59d4b1b1947057317dfe4beb3cb0cc8e6667a7e25f7d822f885dcfdd492938d