SonicWALL - Flood Protection - TCP - Max Seg Lifetime

Information

SonicWALL - Flood Protection - TCP - Maximum Segment Lifetime <= 8 seconds.

Determines the number of seconds that any TCP packet is valid before it expires. This setting is also used to determine the amount of time (calculated as twice the Maximum Segment Lifetime, or 2MSL) that an actively closed TCP connection remains in the TIME_WAIT state to ensure that the proper FIN / ACK exchange has occurred to cleanly close the TCP connection.

Solution

Navigate to Firewall Settings->Flood Protection->TCP Settings and set 'Maximum Segment Lifetime (seconds):' to a value of 8 or less.

Item Details

Audit Name: TNS SonicWALL v5.9

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-10

Plugin: SonicWALL

Control ID: 1163e2de6a6db50054f14da03df0e192074c861ac7da15801271471a6055c5ad