STIGQter: STIG Summary: WLAN Controller Security Technical Implementation Guide (STIG) Version: 6 Release: 15 Benchmark Date: 26 Apr 2019:

The network devices must be configured to timeout after 60 seconds or less for incomplete or broken SSH sessions.

DISA Rule

SV-5612r4_rule

Vulnerability Number

V-5612

Group Title

SSH session timeout is not 60 seconds or less.

Rule Version

NET1645

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure the network devices so it will require a secure shell timeout of 60 seconds or less.

Check Contents

Review the configuration and verify the timeout is set for 60 seconds or less. The SSH service terminates the connection if protocol negotiation (that includes user authentication) is not complete within this timeout period.

If the device is not configured to drop broken SSH sessions after 60 seconds, this is a finding.

Vulnerability Number

V-5612

Documentable

False

Rule Version

NET1645

Severity Override Guidance

Review the configuration and verify the timeout is set for 60 seconds or less. The SSH service terminates the connection if protocol negotiation (that includes user authentication) is not complete within this timeout period.

If the device is not configured to drop broken SSH sessions after 60 seconds, this is a finding.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

1538

Comments