STIGQter: STIG Summary: Solaris 11 SPARC Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The system must set maximum number of incoming connections to 1024.

DISA Rule

SV-216379r603267_rule

Vulnerability Number

V-216379

Group Title

SRG-OS-000480

Rule Version

SOL-11.1-050120

Severity

CAT III

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

The Network Management profile is required.

Configure maximum number of incoming connections.

# pfexec ipadm set-prop -p _conn_req_max_q=1024 tcp

Check Contents

Determine if the maximum number of incoming connections is set to 1024.

# ipadm show-prop -p _conn_req_max_q -co current tcp

If the value returned is smaller than "1024", this is a finding.

In environments where connection numbers are high, such as a busy web server, this value may need to be increased.

Vulnerability Number

V-216379

Documentable

False

Rule Version

SOL-11.1-050120

Severity Override Guidance

Determine if the maximum number of incoming connections is set to 1024.

# ipadm show-prop -p _conn_req_max_q -co current tcp

If the value returned is smaller than "1024", this is a finding.

In environments where connection numbers are high, such as a busy web server, this value may need to be increased.

Check Content Reference

M

Target Key

4022

Comments