Skip to content

The Juniper SRX Services Gateway must configure the control plane to protect against or limit the effects of common types of Denial of Service (DoS) attacks on the device itself by configuring applicable system options and internet-options.

An XCCDF Rule

Description

<VulnDiscussion>DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity. Juniper SRX uses the system commands, system internet-options, and screens to mitigate the impact of DoS attacks on device availability.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-223233r513388_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Configure the system and system-options to protect against DoS attacks.

[edit]
set system no-redirects
set system no-ping-record-route
set system no-ping-time-stamp