CCE-18320-2Platform: vista | Date: (C)2012-03-13 (M)2023-07-04 |
The 'Core Networking - Dynamic Host Configuration Protocol (DHCP-In)' Windows Firewall rule should be configured correctly.
Parameter:
(1) EnabledNot Enabled
(2) Allow the connectionAllow the connection if it is secure(Allow the connection if it is authenticated and integrity-protectedRequire the connection to be encryptedAllow the computers to dynamically negotiate encryptionAllow the connection to use null encapsulationOverride block rules)Block the connection
(3) List of authorized computers
(4) List of computer exceptions
(5) List of local IP address that limit the scope
(6) List of remote IP address that limit the scope
(7) Profiles: DomainPrivatePublic
(8) All interface typesThese interface types (Local area network/Remote accessWireless)
(9) Block edge traversalAllow edge traversalDefer to userDefer to application
(10) List of authorized users
(11) List of user exceptions
Technical Mechanism:
(1) HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsFirewallFirewallRulesCoreNet-DHCP-In!v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|LPort=68|RPort=67|App=%SystemRoot%system32svchost.exe|Svc=dhcp|Name=@FirewallAPI.dll,-25301|Desc=@FirewallAPI.dll,-25303|EmbedCtxt=@FirewallAPI.dll,-25000|
(2) Computer ConfigurationWindows SettingsSecurity SettingsWindows Firewall with Advanced SecurityWindows Firewall with Advanced SecurityInbound RulesCore Networking - Dynamic Host Configuration Protocol (DHCP-In)
CCSS Severity: | CCSS Metrics: |
CCSS Score : | Attack Vector: |
Exploit Score: | Attack Complexity: |
Impact Score: | Privileges Required: |
Severity: | User Interaction: |
Vector: | Scope: |
| Confidentiality: |
| Integrity: |
| Availability: |
| |
References: Resource Id | Reference |
---|
USGCB XCCDF (USGCB-Windows-Vista-xccdf) | domain_profile_Core_Networking_DHCP_In |
USGCB OVAL (USGCB-Windows-Vista-oval) | oval:gov.nist.USGCB.vistafirewall:def:20940 |
SCAP Repo OVAL Definition | oval:gov.nist.USGCB.vistafirewall:def:20940 |