| VID |
29154 |
| Severity |
30 |
| Port |
22 |
| Protocol |
TCP |
| Class |
CISCO |
| Detailed Description |
The CISCO IOS system does not use tcp keepalive service. tcp keepalives which is TCP/IP's timeout function should be used to kill sessions where the remote side has died. Because stale connections use resources and could potentially be hijacked to gain illegitimate access.
* Platforms Affected:
CISCO IOS |
| Recommendation |
Use tcp-keepalive-in service as follows :
Router# config terminal
Router(config) service tcp-keepalives-in |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
