STIGQter: STIG Summary: Router Security Requirements Guide Version: 4 Release: 2 Benchmark Date: 23 Apr 2021:

The router must be configured to produce audit records containing information to establish the source of the events.

DISA Rule

SV-207121r604135_rule

Vulnerability Number

V-207121

Group Title

SRG-NET-000077

Rule Version

SRG-NET-000077-RTR-000001

Severity

CAT II

CCI(s)

• CCI-000133 - The information system generates audit records containing information that establishes the source of the event.

Weight

10

Fix Recommendation

Configure the router to record the source address in the log record for packets being dropped.

Check Contents

The router must log all packets that have been dropped via the access control list.

If the router fails to log all packets that have been dropped via the control list, this is a finding.

Log output must contain the source IP address and port of the filtered packets.

If the logged output does not contain source IP address and port of the filtered packets, this is a finding.

Vulnerability Number

V-207121

Documentable

False

Rule Version

SRG-NET-000077-RTR-000001

Severity Override Guidance

The router must log all packets that have been dropped via the access control list.

If the router fails to log all packets that have been dropped via the control list, this is a finding.

Log output must contain the source IP address and port of the filtered packets.

If the logged output does not contain source IP address and port of the filtered packets, this is a finding.

Check Content Reference

M

Target Key

2917

Comments