STIGQter: STIG Summary: IBM DataPower ALG Security Technical Implementation Guide, Version: 1, Release: 1, Benchmark Date: 25 Jan 2016

The DataPower Gateway providing content filtering must protect against or limit the effects of known and unknown types of Denial of Service (DoS) attacks by employing pattern recognition pre-processors.

DISA Rule

SV-79767r1_rule

Vulnerability Number

V-65277

Group Title

SRG-NET-000362-ALG-000155

Rule Version

WSDP-AG-000102

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

XML DoS
Single message attacks: Jumbo Payload, Recursion, Mega Tags, Coercive parsing, Public key; Multiple message: XML flood, Resource hijack. WebGUI Services >> XML Firewall >> Edit XML Firewall XML, Threat Protection tab.

AAA DoS
Protection against DoS flooding attacks. WebGUI Objects >> XML Processing >> AAA Policy, Main tab.

PKCS #7
Document DoS signature-limit protection. WebGUI Objects >> XML Processing >> Processing Action, select Crypto Binary action type.

Service level monitor (SLM) policy. WebGUI Objects >> Monitoring >> SLM Policy.

Check Contents

XML DoS
Single message attacks: Jumbo Payload, Recursion, Mega Tags, Coercive parsing, Public key; Multiple message: XML flood, Resource hijack. WebGUI Services >> XML Firewall >> Edit XML Firewall XML, Threat Protection tab.

AAA DoS
Protection against DoS flooding attacks. WebGUI Objects >> XML Processing >> AAA Policy, Main tab.

PKCS #7
Document DoS signature-limit protection. WebGUI Objects >> XML Processing >> Processing Action, select Crypto Binary action type.

Service level monitor (SLM) policy. WebGUI Objects >> Monitoring >> SLM Policy.

If these items are not configured, this is a finding.

Documentable

False

Check Content Reference

M

Target Key

2859
