[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)

ID: oval:gov.nist.usgcb.windowsseven:def:20012Date: (C)2012-04-13   (M)2017-10-17
Class: COMPLIANCEFamily: windows




Allowing source routed network traffic allows attackers to obscure their identity and location. IP source routing is a mechanism that allows the sender to determine the IP route that a datagram should follow through the network. Vulnerability: Source routing allows a computer that sends a packet to specify the route that the packet takes. Attackers can use source routed packets to obscure their identity and location. Countermeasure: Configure the DisableIPSourceRouting entry to a value of 2. Potential impact: If you configure this value to 2, all incoming source routed packets are dropped. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing) (2) REG: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip6\Parameters!DisableIPSourceRouting

Platform:
Microsoft Windows 7
Reference:
CCE-8655-3
CPE    1
cpe:/o:microsoft:windows_7
CCE    1
CCE-8655-3
XCCDF    9
xccdf_gov.nist_benchmark_USGCB-Windows-7
xccdf_nist_benchmark_Windows_7
xccdf_org.secpod_benchmark_Windows_7
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_7
...

© 2013 SecPod Technologies