Documentation - V-269780

V-269780

Dell OS10 Switch NDM Security Technical Implementation Guide

CAT II

Title

The Dell OS10 Switch must implement replay-resistant authentication mechanisms for network access to privileged accounts.

Description

<VulnDiscussion>A replay attack may enable an unauthorized user to gain access to the application. Authentication sessions between the authenticator and the application validating the user credentials must not be vulnerable to a replay attack. An authentication process resists replay attacks if it is impractical to achieve a successful authentication by recording and replaying a previous authentication message. Techniques used to address this include protocols using nonces (e.g., numbers gene...

Fix Text (Documentation Requirement)

Configure the OS10 Switch to implement replay-resistant authentication mechanisms for network access to privileged accounts: OS10(config)# crypto fips enable WARNING: Upon committing this configuration, the system will regenerate SSH keys. Please consult documentation and toggle FIPS mode only if you know what you are doing! Continue? [yes/no(default)]:yes OS10(config)# Disable telnet if it has been enabled: OS10(config)# no ip telnet server enable Enable SSH if it has been disabled: OS10(config)# ip ssh server enable

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel