4.510 - The system must protect against or limit the effects of Denial of Service (DoS) attacks by validating the operating system is implementing rate-limiting measures on impacted network interfaces - sysctl | Tenable Fedora Linux Best Practices v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
ARST-L2-000100 - The Arista MLS layer 2 switch must have IP Source Guard enabled on all user-facing or untrusted access switch ports. | DISA STIG Arista MLS EOS 4.2x L2S v1r1 | Arista | |
ARST-RT-000570 - The Arista BGP router must be configured to limit the prefix size on any inbound route advertisement to /24 or the least significant prefixes issued to the customer. | DISA STIG Arista MLS EOS 4.2x Router v1r1 | Arista | |
Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
CASA-FW-000220 - The Cisco ASA must be configured to implement scanning threat detection. | DISA STIG Cisco ASA FW v1r1 | Cisco | |
CASA-FW-000220 - The Cisco ASA must be configured to implement scanning threat detection. | DISA STIG Cisco ASA FW v1r3 | Cisco | |
Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Catalina v1.5.0 - All Profiles | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
CISC-ND-001220 - The Cisco switch must be configured to protect against known types of denial-of-service (DoS) attacks by employing organization-defined security safeguards - ip access-list | DISA STIG Cisco NX-OS Switch NDM v1r1 | Cisco | |
CISC-RT-000180 - The Cisco router must be configured to have Internet Control Message Protocol (ICMP) mask reply messages disabled on all external interfaces. | DISA STIG Cisco IOS Router RTR v1r4 | Cisco | |
FNFG-FW-000110 - The FortiGate firewall must employ filters that prevent or limit the effects of all types of commonly known denial-of-service (DoS) attacks, including flooding, packet sweeps, and unauthorized port scanning. | DISA Fortigate Firewall STIG v1r1 | FortiGate | |
JUEX-L2-000080 - The Juniper EX switch must be configured to enable Root Protection on all interfaces connecting to access layer switches and hosts. | DISA Juniper EX Series Layer 2 Switch v1r2 | Juniper | |
JUEX-RT-000600 - The Juniper router must be configured to have Gratuitous ARP disabled on all external interfaces. | DISA Juniper EX Series Router v1r3 | Juniper | |
JUEX-RT-000610 - The Juniper router must be configured to have IP directed broadcast disabled on all interfaces. | DISA Juniper EX Series Router v1r3 | Juniper | |
Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Monterey v1.0.0 - All Profiles | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
OH12-1X-000307 - OHS must be tuned to handle the operational requirements of the hosted application. | DISA STIG Oracle HTTP Server 12.1.3 v1r6 | Unix | |
RHEL-08-040150 - A firewall must be able to protect against or limit the effects of Denial of Service (DoS) attacks by ensuring RHEL 8 can implement rate-limiting measures on impacted network interfaces - FirewallBackend | DISA Red Hat Enterprise Linux 8 STIG v1r3 | Unix | |
RHEL-08-040150 - A firewall must be able to protect against or limit the effects of Denial of Service (DoS) attacks by ensuring RHEL 8 can implement rate-limiting measures on impacted network interfaces - nftables status | DISA Red Hat Enterprise Linux 8 STIG v1r5 | Unix | |
RHEL-08-040150 - A firewall must be able to protect against or limit the effects of Denial of Service (DoS) attacks by ensuring RHEL 8 can implement rate-limiting measures on impacted network interfaces - package | DISA Red Hat Enterprise Linux 8 STIG v1r3 | Unix | |
RHEL-08-040150 - A firewall must be able to protect against or limit the effects of Denial of Service (DoS) attacks by ensuring RHEL 8 can implement rate-limiting measures on impacted network interfaces - package | DISA Red Hat Enterprise Linux 8 STIG v1r7 | Unix | |
RHEL-08-040150 - A firewall must be able to protect against or limit the effects of Denial of Service (DoS) attacks by ensuring RHEL 8 can implement rate-limiting measures on impacted network interfaces. | DISA Red Hat Enterprise Linux 8 STIG v1r11 | Unix | |
RHEL-08-040150 - A firewall must be able to protect against or limit the effects of Denial of Service (DoS) attacks by ensuring RHEL 8 can implement rate-limiting measures on impacted network interfaces. | DISA Red Hat Enterprise Linux 8 STIG v1r8 | Unix | |
RHEL-09-251030 - RHEL 9 must protect against or limit the effects of denial-of-service (DoS) attacks by ensuring rate-limiting measures on impacted network interfaces are implemented. | DISA Red Hat Enterprise Linux 9 STIG v1r1 | Unix | |
UBTU-20-010446 - The Ubuntu operating system must configure the uncomplicated firewall to rate-limit impacted network interfaces. | DISA STIG Ubuntu 20.04 LTS v1r9 | Unix | |
VCEM-67-000030 - ESX Agent Manager must disable the shutdown port. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r1 | Unix | |
VCFL-67-000029 - vSphere Client must disable the shutdown port. | DISA STIG VMware vSphere 6.7 Virgo Client v1r1 | Unix | |
VCLD-67-000033 - VAMI must be protected from being stopped by a non-privileged user. | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r2 | Unix | |
VCUI-67-000029 - vSphere UI must disable the shutdown port - vsphere-ui.json | DISA STIG VMware vSphere 6.7 UI Tomcat v1r1 | Unix | |
WN11-CC-000035 - The system must be configured to ignore NetBIOS name release requests except from WINS servers. | DISA Windows 11 STIG v1r4 | Windows | |
WN11-CC-000035 - The system must be configured to ignore NetBIOS name release requests except from WINS servers. | DISA Windows 11 STIG v1r2 | Windows | |