STIGQter: STIG Summary: Juniper SRX SG IDPS Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 28 Jul 2017:

The Juniper Networks SRX Series Gateway IDPS must protect against or limit the effects of known and unknown types of Denial of Service (DoS) attacks by employing rate-based attack prevention behavior analysis.

DISA Rule

SV-80909r1_rule

Vulnerability Number

V-66419

Group Title

SRG-NET-000362-IDPS-00196

Rule Version

JUSX-IP-000017

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Create a protocol anomaly-based attack object:

Specify a name for the attack.
[edit]
edit security idp custom-attack anomaly1

Specify common properties for the attack.
[edit security idp custom-attack anomaly1]
set severity info
set time-binding scope peer count 2

Specify the attack type and test condition.
[edit security idp custom-attack anomaly1]
set attack-type anomaly test OPTIONS_UNSUPPORTED

Specify other properties for the anomaly attack.
[edit security idp custom-attack anomaly1]
set attack-type anomaly service TCP
set attack-type anomaly direction any
set attack-type anomaly shellcode sparc
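The fix above only creates the custom attack object, while the check also requires that the object be bound to a zone and active. The following Junos set-format configuration is an added illustration, not part of the STIG text or of Juniper's documentation, of one way to satisfy that: it references anomaly1 from an IDP policy rulebase, makes that policy the active IDP policy, and enables IDP inspection on a zone-to-zone security policy. The IDP policy name anomaly-policy, the rule name 1, the zone names untrust and trust, and the security policy name permit-with-idp are assumptions; the zone pair, addresses and application must match the traffic the device is actually expected to inspect.

```junos
# Added example; names below (anomaly-policy, untrust, trust, permit-with-idp) are assumed.
# IDP policy rule that matches on the custom anomaly attack object created by the fix.
set security idp idp-policy anomaly-policy rulebase-ips rule 1 match from-zone untrust
set security idp idp-policy anomaly-policy rulebase-ips rule 1 match to-zone trust
set security idp idp-policy anomaly-policy rulebase-ips rule 1 match source-address any
set security idp idp-policy anomaly-policy rulebase-ips rule 1 match destination-address any
set security idp idp-policy anomaly-policy rulebase-ips rule 1 match application default
set security idp idp-policy anomaly-policy rulebase-ips rule 1 match attacks custom-attacks anomaly1
# Drop the offending packet and log the event so the SOC can see the rate-based detection fire.
set security idp idp-policy anomaly-policy rulebase-ips rule 1 then action drop-packet
set security idp idp-policy anomaly-policy rulebase-ips rule 1 then notification log-attacks

# Make the policy the active IDP policy for the device.
set security idp active-policy anomaly-policy

# Bind IDP to the zone pair: traffic permitted by this security policy is handed to IDP.
set security policies from-zone untrust to-zone trust policy permit-with-idp match source-address any
set security policies from-zone untrust to-zone trust policy permit-with-idp match destination-address any
set security policies from-zone untrust to-zone trust policy permit-with-idp match application any
set security policies from-zone untrust to-zone trust policy permit-with-idp then permit application-services idp
```

After committing, show security idp status reports the currently running IDP policy, and show security idp policy-commit-status confirms that the policy compiled and loaded; a rule that names anomaly1 in a policy that is both active and reachable from a zone-to-zone security policy is what the check content above means by created, bound to a zone, and active.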

Check Contents

From operational mode, enter the following command to verify that the anomaly-based attack object was created:

show idp security policies

If anomaly-based attack objects are not created, bound to a zone, and active, this is a finding.

Vulnerability Number

V-66419

Documentable

False

Rule Version

JUSX-IP-000017

Severity Override Guidance

From operational mode, enter the following command to verify that the anomaly-based attack object was created:

show idp security policies

If anomaly-based attack objects are not created, bound to a zone, and active, this is a finding.

Check Content Reference

M

Target Key

3037

Comments