STIGQter: STIG Summary: IBM DB2 V10.5 LUW Security Technical Implementation Guide Version: 1 Release: 4 Benchmark Date: 25 Oct 2019:

DB2 must automatically terminate a user session after organization-defined conditions or trigger events requiring session disconnect.

DISA Rule

SV-89193r1_rule

Vulnerability Number

V-74519

Group Title

SRG-APP-000295-DB-000305

Rule Version

DB2X-00-006400

Severity

CAT II

CCI(s)

• CCI-002361 - The information system automatically terminates a user session after organization-defined conditions or trigger events requiring session disconnect.

Weight

10

Fix Recommendation

Run the CREATE THRESHOLD statement to create the thresholds per organization policies.

The following command is an example for creating a threshold to terminate any sessions which have been inactive for more than 5 hours:
DB2> CREATE THRESHOLD MONIDLETIME FOR DATABASE ACTIVITIES ENFORCEMENT DATABASE
WHEN CONNECTIONIDLETIME > 300 MINUTE STOP EXECUTION

Note: Select the following link for the knowledgebase information on create threshold:

http://www.ibm.com/support/knowledgecenter/SSEPGG_10.5.0/com.ibm.db2.luw.sql.ref.doc/doc/r0050563.html?lang=en

Check Contents

Run the following query to check the existing thresholds defined in database:
DB2> SELECT thresholdname, thresholdpredicate, maxvalue, execution
FROM syscat.thresholds

If there are no thresholds defined in the required categories this is a finding.

Review the defined thresholds, if the thresholds are not defined per the organization policies, this is a finding.

Note: Select the following link for the knowledgebase on syscat.thresholds:

http://www.ibm.com/support/knowledgecenter/SSEPGG_10.5.0/com.ibm.db2.luw.sql.ref.doc/doc/r0050565.html?cp=SSEPGG_10.5.0%2F2-12-8-111

Vulnerability Number

V-74519

Documentable

False

Rule Version

DB2X-00-006400

Severity Override Guidance

Run the following query to check the existing thresholds defined in database:
DB2> SELECT thresholdname, thresholdpredicate, maxvalue, execution
FROM syscat.thresholds

If there are no thresholds defined in the required categories this is a finding.

Review the defined thresholds, if the thresholds are not defined per the organization policies, this is a finding.

Note: Select the following link for the knowledgebase on syscat.thresholds:

http://www.ibm.com/support/knowledgecenter/SSEPGG_10.5.0/com.ibm.db2.luw.sql.ref.doc/doc/r0050565.html?cp=SSEPGG_10.5.0%2F2-12-8-111

Check Content Reference

M

Target Key

3161

Comments