The TippingPoint SMS must disable auto reconnect after disconnect.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| low | V-242233 | SRG-APP-000001-NDM-000200 | TIPP-NM-000012 | SV-242233r960735_rule | 2025-03-10 | 2 |
Description
Device management includes the ability to control the number of administrators and management sessions that manage a device. Requiring authentication for auto reconnecting expired administrator sessions is a best practice that lowers the risk of DoS attacks.
ℹ️ Check
1. Log in to the SMS client.
2. Select >> "Edit" >> "Preferences". Select "Security" Under "Client Preferences".
3. Verify the option for "Auto reconnect client to server after a disconnect occurs" is unchecked.
If the TippingPoint SMS does not disable auto reconnect after disconnect, this is a finding.
✔️ Fix
1. Log in to the SMS client.
2. Select >> "Edit" >> "Preferences". Select "Security" Under "Client Preferences". Uncheck "Auto reconnect client to server after a disconnect occurs".
3. Click OK.