NET0728 - DHCP service is not disabled on premise

Information

The administrator must ensure DHCP Services are disabled on premise routers.

By sending a large packet to the Dynamic Host Configuration Protocol (DHCP) port it is possible to freeze the routers processing engine. Review all Cisco router configurations to verify that no service dhcp is found. Note: Service DHCP is enabled by default.

Solution

The administrator must change the router configuration files to include the following CISCO commands- no service dhcp.

See Also

https://iasecontent.disa.mil/stigs/zip/U_Network_Perimeter_Router_L3_Switch_V8R32_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7, CAT|III, CSCv6|9.1, Rule-ID|SV-5617r2_rule, STIG-ID|NET0728, Vuln-ID|V-5617

Plugin: Cisco

Control ID: e9618e73fc4194bd00dd475b17cc74219bd65fe5f3f1a305b324e62dc447ed11