[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Audit Policy: System: IPsec Driver (Failure)

ID: oval:org.secpod.oval:def:18759Date: (C)2014-05-29   (M)2021-06-02
Class: COMPLIANCEFamily: windows




Auditing of System: IPsec Driver events on failure should be enabled or disabled as appropriate. This security policy setting determines whether the operating system audits the activities of the IPsec driver and reports any of the following events: * Startup and shutdown of IPsec services. * Packets dropped due to integrity check failure. * Packets dropped due to replay check failure. * Packets dropped due to being in plaintext. * Packets received with an incorrect Security Parameter Index (SPI). (This can indicate malfunctioning hardware or interoperability problems.) * Failure to process IPsec filters. A high rate of packet drops by the IPsec filter driver may indicate attempts to gain access to the network by unauthorized systems. Failure to process IPsec filters poses a potential security risk because some network interfaces may not get the protection provided by the IPsec filter. Fix: (1) GPO: Commandline: auditpol.exe (2) REG: NO INFO

Platform:
Microsoft Windows Server 2008 R2
Reference:
CCE-10214-5
CPE    1
cpe:/o:microsoft:windows_server_2008:r2
CCE    1
CCE-10214-5

© SecPod Technologies