Back

Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" to organizational standards.


CONTROL ID
07602
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Configure network protection settings to organizational standards., CC ID: 07601

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "Not Defined". (73E61FF1-BEEA-4870-A7B3-71E48A59B29C, Win7SP1 Computer Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "Not Defined". (97711F97-8B54-4A4C-B635-71B943D2D853, Win7SP1 Computer Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "Not Defined". (E9C30FF4-80CF-4EFB-974F-4D96A609EA50, Win8 Computer Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "Not Defined". (29DF84A1-49E1-4FF4-9180-48C8A743E3C7, Win8 Computer Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "Not Defined". (76B7F378-E2E3-4B9E-9363-74CC9973F2B5, WinVistaSP2 Computer Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "Not Defined". (E03D050E-8FB0-40BF-90DD-694606446D07, WinVistaSP2 Computer Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "Not Defined". (131D0D46-7B00-4508-B4D4-4055DD68B057, WinXPSP3 Computer Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "Not Defined". (AF7059E3-0F5C-4C7B-B934-B6CD46364CB2, WinXPSP3 Computer Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "3". (7829371F-3BDE-473A-9C37-BB48E27E3031, WS2003SP2 Domain Controller Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "3". (8F292E6A-6463-4C13-BAED-C60E11261B23, WS2003SP2 Domain Controller Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "3". (38A244FF-7934-4B25-83D8-BD7F0921C470, WS2003SP2 Member Server Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "3". (82E195CC-F893-45AE-973A-E6FE2CCF7946, WS2003SP2 Member Server Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "Not Defined". (5D9E460A-EC6E-4AC6-88CA-20BA502B5193, WS2008R2SP1 Domain Controller Security Compliance, 1.1)
  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "Not Defined". (30C9CD62-73B8-4828-B330-015ED2F44A4B, WS2008R2SP1 Domain Controller Security Compliance, 1.1)
  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "Not Defined". (FC9B89B5-1F38-49B1-A556-D605BE20CDC7, WS2008R2SP1 Member Server Security Compliance, 1.1)
  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "Not Defined". (DCBF8A94-9A68-4CEB-BD4E-1D4FA3B9CBBB, WS2008R2SP1 Member Server Security Compliance, 1.1)
  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "3". (04CDBC9A-BF6E-4DE6-9CF9-C6F3F9E499E9, WS2008SP2 Domain Controller Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "3". (56B3CF5C-C44F-4477-8B91-7B0E0D7D3338, WS2008SP2 Domain Controller Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "3". (A9221B7F-BA27-4A63-BC55-8B4605237991, WS2008SP2 Member Server Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "3". (A1579C05-25E9-4A12-B68E-71116E33B9E1, WS2008SP2 Member Server Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "Not Defined". (535DBC70-62E1-4A0C-AAAE-BCCBA12F4F77, WS2012 Domain Controller Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "Not Defined". (9B383647-4895-4420-90B4-C2692E9DC956, WS2012 Domain Controller Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "Not Defined". (0C47152D-7DA4-4F3B-8A3F-09CC2A9E531F, WS2012 Member Server Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting to "Not Defined". (6D5722FF-F653-43F7-8705-109E6FE23F2B, WS2012 Member Server Security Compliance, 1.0)
  • (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3' Description: This setting controls the number of times that TCP retransmits an individual data segment (non-connect segment) before the connection is aborted. The retransmission … (18.4.11, CIS Microsoft Windows Server 2019 Benchmark, v1.2.1, Level 2)
  • Title: Configure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' Description: The registry value entry TCPMaxDataRetransmissions was added to the template file in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpi… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.2.1.1.1.45_Configure_MSS_TcpMaxDataRetransmissions_How_many_times_unacknowledged_data_is_retransmitted_3_recommended_5_is_default Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.2.1.1.1.45.1_, The Center for Internet Security Microsoft Windows 7 Level 1 + BitLocker Benchmark, 2.1.0)
  • Title: Configure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' Description: The registry value entry TCPMaxDataRetransmissions was added to the template file in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpi… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.2.1.1.1.45_Configure_MSS_TcpMaxDataRetransmissions_How_many_times_unacknowledged_data_is_retransmitted_3_recommended_5_is_default Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.2.1.1.1.45.2_, The Center for Internet Security Microsoft Windows 7 Level 1 + BitLocker Benchmark, 2.1.0)
  • Title: Configure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' Description: The registry value entry TCPMaxDataRetransmissions was added to the template file in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpi… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.2.1.1.1.45_Configure_MSS_TcpMaxDataRetransmissions_How_many_times_unacknowledged_data_is_retransmitted_3_recommended_5_is_default Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.2.1.1.1.45.2_, The Center for Internet Security Microsoft Windows 7 Level 1 Benchmark, 2.1.0)
  • Title: Configure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' Description: The registry value entry TCPMaxDataRetransmissions was added to the template file in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpi… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.2.1.1.1.45_Configure_MSS_TcpMaxDataRetransmissions_How_many_times_unacknowledged_data_is_retransmitted_3_recommended_5_is_default Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.2.1.1.1.45.1_, The Center for Internet Security Microsoft Windows 7 Level 1 Benchmark, 2.1.0)
  • Title: Configure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' Description: The registry value entry TCPMaxDataRetransmissions was added to the template file in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpi… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.3.9.7_Configure_MSS_TcpMaxDataRetransmissions_How_many_times_unacknowledged_data_is_retransmitted_3_recommended_5_is_default Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.3.9.7.2_, The Center for Internet Security Microsoft Windows 8 Level 1 + BitLocker Benchmark, 1.0.0)
  • Title: Configure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' Description: The registry value entry TCPMaxDataRetransmissions was added to the template file in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpi… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.3.9.7_Configure_MSS_TcpMaxDataRetransmissions_How_many_times_unacknowledged_data_is_retransmitted_3_recommended_5_is_default Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.3.9.7.1_, The Center for Internet Security Microsoft Windows 8 Level 1 + BitLocker Benchmark, 1.0.0)
  • Title: Configure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' Description: The registry value entry TCPMaxDataRetransmissions was added to the template file in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpi… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.3.9.7_Configure_MSS_TcpMaxDataRetransmissions_How_many_times_unacknowledged_data_is_retransmitted_3_recommended_5_is_default Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.3.9.7.2_, The Center for Internet Security Microsoft Windows 8 Level 1 Benchmark, 1.0.0)
  • Title: Configure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' Description: The registry value entry TCPMaxDataRetransmissions was added to the template file in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpi… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.3.9.7_Configure_MSS_TcpMaxDataRetransmissions_How_many_times_unacknowledged_data_is_retransmitted_3_recommended_5_is_default Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.3.9.7.1_, The Center for Internet Security Microsoft Windows 8 Level 1 Benchmark, 1.0.0)
  • Title: Set 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' to '3' Description: The registry value entry TCPMaxDataRetransmissions was added to the template file in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcp… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.2.1.33_Set_MSS_TcpMaxDataRetransmissions_How_many_times_unacknowledged_data_is_retransmitted_3_recommended_5_is_default_to_3 Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.2.1.33.1_, The Center for Internet Security Microsoft Windows Server 2008 Level 1 Domain Controller Benchmark, 2.1.0)
  • Title: Set 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' to '3' Description: The registry value entry TCPMaxDataRetransmissions was added to the template file in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcp… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.2.1.33_Set_MSS_TcpMaxDataRetransmissions_How_many_times_unacknowledged_data_is_retransmitted_3_recommended_5_is_default_to_3 Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.2.1.33.2_, The Center for Internet Security Microsoft Windows Server 2008 Level 1 Domain Controller Benchmark, 2.1.0)
  • Title: Set 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' to '3' Description: The registry value entry TCPMaxDataRetransmissions was added to the template file in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcp… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.2.1.33_Set_MSS_TcpMaxDataRetransmissions_How_many_times_unacknowledged_data_is_retransmitted_3_recommended_5_is_default_to_3 Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.2.1.33.1_, The Center for Internet Security Microsoft Windows Server 2008 Level 1 Member Server Benchmark, 2.1.0)
  • Title: Set 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' to '3' Description: The registry value entry TCPMaxDataRetransmissions was added to the template file in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcp… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.2.1.33_Set_MSS_TcpMaxDataRetransmissions_How_many_times_unacknowledged_data_is_retransmitted_3_recommended_5_is_default_to_3 Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.2.1.33.2_, The Center for Internet Security Microsoft Windows Server 2008 Level 1 Member Server Benchmark, 2.1.0)
  • Title: Configure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' Description: The registry value entry TCPMaxDataRetransmissions was added to the template file in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpi… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.2.1.98_Configure_MSS_TcpMaxDataRetransmissions_How_many_times_unacknowledged_data_is_retransmitted_3_recommended_5_is_default Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.2.1.98.2_, The Center for Internet Security Microsoft Windows Server 2008 R2 Level 1 Domain Controller Benchmark, 2.1.0)
  • Title: Configure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' Description: The registry value entry TCPMaxDataRetransmissions was added to the template file in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpi… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.2.1.98_Configure_MSS_TcpMaxDataRetransmissions_How_many_times_unacknowledged_data_is_retransmitted_3_recommended_5_is_default Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.2.1.98.1_, The Center for Internet Security Microsoft Windows Server 2008 R2 Level 1 Domain Controller Benchmark, 2.1.0)
  • Title: Configure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' Description: The registry value entry TCPMaxDataRetransmissions was added to the template file in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpi… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.2.1.98_Configure_MSS_TcpMaxDataRetransmissions_How_many_times_unacknowledged_data_is_retransmitted_3_recommended_5_is_default Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.2.1.98.2_, The Center for Internet Security Microsoft Windows Server 2008 R2 Level 1 Member Server Benchmark, 2.1.0)
  • Title: Configure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' Description: The registry value entry TCPMaxDataRetransmissions was added to the template file in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpi… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.1.2.1.98_Configure_MSS_TcpMaxDataRetransmissions_How_many_times_unacknowledged_data_is_retransmitted_3_recommended_5_is_default Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.1.2.1.98.1_, The Center for Internet Security Microsoft Windows Server 2008 R2 Level 1 Member Server Benchmark, 2.1.0)
  • Title: Configure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' Description: The registry value entry TCPMaxDataRetransmissions was added to the template file in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpi… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.3.10.10_Configure_MSS_TcpMaxDataRetransmissions_How_many_times_unacknowledged_data_is_retransmitted_3_recommended_5_is_default Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.3.10.10.1_, The Center for Internet Security Microsoft Windows Server 2012 Level 1 Domain Controller Benchmark, 1.0.0)
  • Title: Configure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' Description: The registry value entry TCPMaxDataRetransmissions was added to the template file in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpi… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.3.10.10_Configure_MSS_TcpMaxDataRetransmissions_How_many_times_unacknowledged_data_is_retransmitted_3_recommended_5_is_default Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.3.10.10.2_, The Center for Internet Security Microsoft Windows Server 2012 Level 1 Domain Controller Benchmark, 1.0.0)
  • Title: Configure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' Description: The registry value entry TCPMaxDataRetransmissions was added to the template file in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpi… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.3.10.10_Configure_MSS_TcpMaxDataRetransmissions_How_many_times_unacknowledged_data_is_retransmitted_3_recommended_5_is_default Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.3.10.10.2_, The Center for Internet Security Microsoft Windows Server 2012 Level 1 Member Server Benchmark, 1.0.0)
  • Title: Configure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' Description: The registry value entry TCPMaxDataRetransmissions was added to the template file in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpi… (Rule: xccdf_org.cisecurity.benchmarks_rule_1.1.3.10.10_Configure_MSS_TcpMaxDataRetransmissions_How_many_times_unacknowledged_data_is_retransmitted_3_recommended_5_is_default Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_1.1.3.10.10.1_, The Center for Internet Security Microsoft Windows Server 2012 Level 1 Member Server Benchmark, 1.0.0)
  • The 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)' setting should be configured correctly. Technical Mechanisms: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\MSS: (TcpMaxDataR… (CCE-10941-3, Common Configuration Enumeration List, Combined XML: Microsoft Windows Server 2008 R2, 5.20130214)
  • The TcpMaxDataRetransmissions setting should be properly configured. Technical Mechanisms: (1) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxDataRetransmissions Parameters: (1) number of retransmissions References: 10.8.20-14 (CCE-4961-9, Common Configuration Enumeration List, Combined XML: Windows 2000, 5.20130214)
  • The number of retransmissions sent of TCP data segments before the connection is dropped should be set correctly. Technical Mechanisms: (1) HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxDataRetransmissions (2) Computer Configuration\Windows Settings\Local Policies\Security Options\… (CCE-7613-3, Common Configuration Enumeration List, Combined XML: Windows Server 2003, 5.20130214)