STIGQter STIGQter: STIG Summary: MS Exchange 2010 Edge Transport Server STIG Version: 1 Release: 15 Benchmark Date: 26 Apr 2019:

Receive Connector timeout must be limited.

DISA Rule

SV-43985r1_rule

Vulnerability Number

V-33565

Group Title

Exch-2-710

Rule Version

Exch-2-710

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Open the Exchange Management Shell and enter the following command:

Set-ReceiveConnector -Identity <'ReceiveConnector'> -ConnectionTimeout 00:05:00 or other value as identified by the Email Domain Security Plan.

Check Contents

Obtain the Email Domain Security Plan (EDSP) and locate the 'Connection Timeout' value.

Open the Exchange Management Shell and enter the following command:

Get-ReceiveConnector | Select Name, Identity, ConnectionTimeout

If the value of 'ConnectionTimeout' is set to 00:05:00, this is not a finding.

If 'ConnectionTimeout' is set to other than 00:05:00, and has signoff and risk acceptance in the EDSP, this is not a finding.

Vulnerability Number

V-33565

Documentable

False

Rule Version

Exch-2-710

Severity Override Guidance

Obtain the Email Domain Security Plan (EDSP) and locate the 'Connection Timeout' value.

Open the Exchange Management Shell and enter the following command:

Get-ReceiveConnector | Select Name, Identity, ConnectionTimeout

If the value of 'ConnectionTimeout' is set to 00:05:00, this is not a finding.

If 'ConnectionTimeout' is set to other than 00:05:00, and has signoff and risk acceptance in the EDSP, this is not a finding.

Check Content Reference

M

Target Key

1995

Comments