STIGQter: STIG Summary: SOLARIS 9 X86 SECURITY TECHNICAL IMPLEMENTATION GUIDE Version: 1 Release: 9 Benchmark Date: 23 Oct 2015: TCP backlog queue sizes must be set appropriately.

DISA Rule

SV-28639r1_rule

Vulnerability Number

V-23741

Group Title

GEN003601

Rule Version

GEN003601

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

Procedure:
# ndd -set /dev/tcp tcp_conn_req_max_q0 1280
# ndd -set /dev/tcp tcp_conn_req_max_q 1024

Ensure these commands are also present in system startup scripts.

Check Contents

Procedure:
# ndd /dev/tcp tcp_conn_req_max_q0

If the returned value is not 1280 or greater, this is a finding.

Procedure:
# ndd /dev/tcp tcp_conn_req_max_q

If the returned value is not 1024, this is a finding.

Vulnerability Number

V-23741

Documentable

False

Rule Version

GEN003601

Severity Override Guidance

Check Content Reference

Responsibility

System Administrator

STIGQter: STIG Summary: SOLARIS 9 X86 SECURITY TECHNICAL IMPLEMENTATION GUIDE Version: 1 Release: 9 Benchmark Date: 23 Oct 2015: TCP backlog queue sizes must be set appropriately.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Responsibility

Target Key

Comments