[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)

ID: oval:gov.nist.usgcb.windowsseven:def:20014Date: (C)2012-04-13   (M)2017-10-21
Class: COMPLIANCEFamily: windows




The registry value entry TCPMaxDataRetransmissions was added to the template file in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\ registry key. The entry appears as MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default) in the SCE. This setting controls the number of times that TCP retransmits an individual data segment (non-connect segment) before the connection is aborted. The retransmission time-out is doubled with each successive retransmission on a connection. It is reset when responses resume. The base time-out value is dynamically determined by the measured round-trip time on the connection. This entry sets the maximum number of retransmissions of a TCP segment containing data before the connection is abandoned. The retransmission timeout is doubled with each successive retransmission on a connection. It is reset when responses resume. The base timeout value is dynamically determined by the measured round-trip time on the connection. Vulnerability: A malicious user could exhaust a target computer's resources if it never sent any acknowledgment messages for data that was transmitted by the target computer. Countermeasure: Configure the TcpMaxDataRetransmissions entry to a value of 3. Potential impact: TCP starts a retransmission timer when each outbound segment is passed to the IP. If no acknowledgment is received for the data in a given segment before the timer expires, the segment is retransmitted up to three times. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted (3 recommended, 5 is default) (2) REG: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip6\Parameters!TcpMaxDataRetransmissions

Platform:
Microsoft Windows 7
Reference:
CCE-9487-0
CPE    1
cpe:/o:microsoft:windows_7
CCE    1
CCE-9487-0
XCCDF    10
xccdf_org.secpod_benchmark_cip_std_ver3_Windows_7
xccdf_hippa_benchmark_Windows_7
xccdf_org.secpod_benchmark_ISO27001_Windows_7
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_7
...

© 2013 SecPod Technologies