Back

Configure the "MSS: (TcpMaxConnectResponseRetransmissions) SYN-ACK retransmissions when a connection request is not acknowledged" to organizational standards.


CONTROL ID
08279
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Configure network protection settings to organizational standards., CC ID: 07601

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Configure the "MSS: (TcpMaxConnectResponseRetransmissions) SYN-ACK retransmissions when a connection request is not acknowledged" setting to "Not Defined". (BB82290A-F82E-4E9D-8598-7092D2E3B314, WinXPSP3 Computer Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxConnectResponseRetransmissions) SYN-ACK retransmissions when a connection request is not acknowledged" setting to "Not Defined". (4B8E444F-8AAE-4D3E-99E6-BB5840142512, WinXPSP3 Computer Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxConnectResponseRetransmissions) SYN-ACK retransmissions when a connection request is not acknowledged" setting to "3 & 6 seconds, half-open connections dropped after 21 seconds". (3D9DA1CA-10AE-414F-A60F-7204934591DE, WS2003SP2 Domain Controller Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxConnectResponseRetransmissions) SYN-ACK retransmissions when a connection request is not acknowledged" setting to "3 & 6 seconds, half-open connections dropped after 21 seconds". (53A8DD3C-55FB-46AE-83E3-784059F688CC, WS2003SP2 Domain Controller Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxConnectResponseRetransmissions) SYN-ACK retransmissions when a connection request is not acknowledged" setting to "3 & 6 seconds, half-open connections dropped after 21 seconds". (40463D51-591B-4043-BF47-45DEBC451105, WS2003SP2 Member Server Security Compliance, 1.0)
  • Configure the "MSS: (TcpMaxConnectResponseRetransmissions) SYN-ACK retransmissions when a connection request is not acknowledged" setting to "3 & 6 seconds, half-open connections dropped after 21 seconds". (21557983-3642-4E6F-81EB-53274EE56EE0, WS2003SP2 Member Server Security Compliance, 1.0)
  • TcpMaxConnectResponseRetransmissions should be properly configured. Technical Mechanisms: (1) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxConnectResponseRetransmissions Parameters: (1) number of retransmissions References: 10.8.20-14 (CCE-4489-1, Common Configuration Enumeration List, Combined XML: Windows 2000, 5.20130214)
  • The "MSS: (TCPMaxConnectResponseRetransmissions) SYN-ACK retransmissions when a connection request is not acknowledged" setting should be configured correctly. Technical Mechanisms: (1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (TCPMaxConnectResp… (CCE-2384-6, Common Configuration Enumeration List, Combined XML: Windows Server 2008, 5.20130214)