STIGQter: STIG Summary: VMware vSphere 6.7 VAMI-lighttpd Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 09 Mar 2021:

VAMI must protect against or limit the effects of HTTP types of denial-of-service (DoS) attacks.

DISA Rule

SV-239734r679312_rule

Vulnerability Number

V-239734

Group Title

SRG-APP-000246-WSR-000149

Rule Version

VCLD-67-000027

Severity

CAT II

CCI(s)

CCI-001094 - The information system restricts the ability of individuals to launch organization-defined denial of service attacks against other information systems.

Weight

Fix Recommendation

Navigate to and open /opt/vmware/etc/lighttpd/lighttpd.conf.

Add or reconfigure the following value:

server.max-fds = 2048

Check Contents

At the command prompt, execute the following command:

# /opt/vmware/sbin/vami-lighttpd -p -f /opt/vmware/etc/lighttpd/lighttpd.conf|grep "server.max-fds"

Expected result:

server.max-fds = 2048

If the output does not match the expected result, this is a finding.

Vulnerability Number

V-239734

Documentable

False

Rule Version

VCLD-67-000027

Severity Override Guidance

Check Content Reference

Target Key

5335

VAMI must protect against or limit the effects of HTTP types of denial-of-service (DoS) attacks.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments