[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-41581-0

Platform: cpe:/o:microsoft:windows_10Date: (C)2016-09-23   (M)2023-07-04



Disable: 'Windows Firewall: Domain: Logging: Log dropped packets' for LogDroppedPackets Use this option to log when Windows Firewall with Advanced Security discards an inbound packet for any reason. The log records why and when the packet was dropped. Look for entries with the word DROP in the action column of the log. Counter Measure: Configure this policy setting to "Yes". Potential Impact: Information about dropped packets will be recorded in the firewall log file


Parameter:

[yes/no]


Technical Mechanism:

(1) GPO: Computer ConfigurationWindows SettingsSecurity SettingsWindows Firewall with Advanced SecurityWindows Firewall with Advanced SecurityWindows Firewall PropertiesDomain ProfileLoggingWindows Firewall: Domain: Logging: Log dropped packets (2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindowsFirewallDomainProfileLoggingLogDroppedPackets

CCSS Severity:CCSS Metrics:
CCSS Score : 4.4Attack Vector: LOCAL
Exploit Score: 1.8Attack Complexity: LOW
Impact Score: 2.5Privileges Required: LOW
Severity: MEDIUMUser Interaction: NONE
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:LScope: UNCHANGED
 Confidentiality: LOW
 Integrity: NONE
 Availability: LOW
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:34991


OVAL    1
oval:org.secpod.oval:def:34991
XCCDF    2
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_10
xccdf_org.secpod_benchmark_general_Windows_10

© SecPod Technologies