| ARST-RT-000060 - The Arista BGP router must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute. | DISA STIG Arista MLS EOS 4.2x Router v1r1 | Arista | ACCESS CONTROL |
| ARST-RT-000100 - The Arista BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer. | DISA STIG Arista MLS EOS 4.2x Router v1r1 | Arista | ACCESS CONTROL |
| CISC-RT-000540 - The Cisco BGP router must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute. | DISA STIG Cisco IOS Router RTR v2r6 | Cisco | ACCESS CONTROL |
| CISC-RT-000540 - The Cisco BGP router must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute. | DISA STIG Cisco IOS XE Router RTR v2r9 | Cisco | ACCESS CONTROL |
| CISC-RT-000540 - The Cisco BGP router must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute. | DISA STIG Cisco IOS-XR Router RTR v2r4 | Cisco | ACCESS CONTROL |
| CISC-RT-000540 - The Cisco BGP switch must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute. | DISA STIG Cisco IOS XE Switch RTR v2r5 | Cisco | ACCESS CONTROL |
| CISC-RT-000540 - The Cisco BGP switch must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute. | DISA STIG Cisco NX-OS Switch RTR v2r3 | Cisco | ACCESS CONTROL |
| CISC-RT-000550 - The Cisco BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer - ip as-path access-list | DISA STIG Cisco IOS Router RTR v2r6 | Cisco | ACCESS CONTROL |
| CISC-RT-000550 - The Cisco BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer - route-policy | DISA STIG Cisco IOS-XR Router RTR v2r4 | Cisco | ACCESS CONTROL |
| CISC-RT-000550 - The Cisco BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer. | DISA STIG Cisco IOS XE Router RTR v2r9 | Cisco | ACCESS CONTROL |
| CISC-RT-000550 - The Cisco BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer. | DISA STIG Cisco IOS Router RTR v2r6 | Cisco | ACCESS CONTROL |
| CISC-RT-000550 - The Cisco BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer. | DISA STIG Cisco IOS-XR Router RTR v2r4 | Cisco | ACCESS CONTROL |
| CISC-RT-000550 - The Cisco BGP switch must be configured to reject route advertisements from CE switches with an originating AS in the AS_PATH attribute that does not belong to that customer. | DISA STIG Cisco IOS XE Switch RTR v2r5 | Cisco | ACCESS CONTROL |
| CISC-RT-000550 - The Cisco BGP switch must be configured to reject route advertisements from CE switches with an originating AS in the AS_PATH attribute that does not belong to that customer. | DISA STIG Cisco NX-OS Switch RTR v2r3 | Cisco | ACCESS CONTROL |
| GEN000000-AIX00020 - AIX Trusted Computing Base (TCB) software must be implemented. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL, SYSTEM AND SERVICES ACQUISITION |
| GEN000000-AIX00020 - AIX Trusted Computing Base (TCB) software must be implemented. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL, SYSTEM AND SERVICES ACQUISITION |
| GEN000000-AIX00040 - The securetcpip command must be used | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000000-AIX00040 - The securetcpip command must be used - /etc/security/config has been configured | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN000000-AIX00040 - The securetcpip command must be used. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN000000-AIX0200 - The system must not allow directed broadcasts to gateway. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000000-AIX0200 - The system must not allow directed broadcasts to gateway. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN000000-AIX0210 - The system must provide protection from Internet Control Message Protocol (ICMP) attacks on TCP connections. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000000-AIX0210 - The system must provide protection from Internet Control Message Protocol (ICMP) attacks on TCP connections. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN000000-AIX0220 - The system must provide protection for the TCP stack against connection resets, SYN, and data injection attacks. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000000-AIX0220 - The system must provide protection for the TCP stack against connection resets, SYN, and data injection attacks. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN000000-AIX0230 - The system must provide protection against IP fragmentation attacks. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000000-AIX0230 - The system must provide protection against IP fragmentation attacks. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN000000-AIX0300 - The system must not have the bootp service active. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000000-AIX0300 - The system must not have the bootp service active. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN000000-AIX0310 - The /etc/ftpaccess.ctl file must exist. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000000-AIX0310 - The /etc/ftpaccess.ctl file must exist. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN000000-SOL00120 - The ASET master files must be located in the /usr/aset/masters directory - tune.high | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN000000-SOL00120 - The ASET master files must be located in the /usr/aset/masters directory - tune.low | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN000000-SOL00120 - The ASET master files must be located in the /usr/aset/masters directory - tune.low | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN000000-SOL00120 - The ASET master files must be located in the /usr/aset/masters directory - tune.med | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN000000-SOL00120 - The ASET master files must be located in the /usr/aset/masters directory - uid_aliases | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN000000-SOL00120 - The ASET master files must be located in the /usr/aset/masters directory - uid_aliases | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN000000-SOL00140 - The /usr/aset/masters/uid_aliases must be empty. | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN000000-SOL00140 - The /usr/aset/masters/uid_aliases must be empty. | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN000000-SOL00160 - If the system is a firewall, ASET must be used on the system, and the firewall parameters must be set in /usr/aset/asetenv. | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000000-SOL00160 - If the system is a firewall, ASET must be used on the system, and the firewall parameters must be set in /usr/aset/asetenv. | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000000-SOL00200 - The asetenv file YPCHECK variable must be set to true when NIS+ is configured. | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000000-SOL00220 - The /usr/aset/userlist file must exist - /usr/aset/userlist | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000000-SOL00420 - Hidden extended file attributes must not exist on the system. | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN000000-SOL00420 - Hidden extended file attributes must not exist on the system. | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| JUEX-RT-000060 - The Juniper BGP router must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute. | DISA Juniper EX Series Router v1r3 | Juniper | ACCESS CONTROL |
| JUEX-RT-000100 - The Juniper router configured for BGP must reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer. | DISA Juniper EX Series Router v1r3 | Juniper | ACCESS CONTROL |
| JUNI-RT-000530 - The Juniper BGP router must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute. | DISA STIG Juniper Router RTR v2r4 | Juniper | ACCESS CONTROL |
| JUNI-RT-000535 - The Juniper BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer - as-path | DISA STIG Juniper Router RTR v2r4 | Juniper | ACCESS CONTROL |
| JUNI-RT-000535 - The Juniper BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer - bgp import | DISA STIG Juniper Router RTR v2r4 | Juniper | ACCESS CONTROL |
