3.7 - Network Parameters are not tuned - Accept Backlog

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.


Information

WebLogic Server performance and functionality can be tuned by configuring several network attributes. Maximum Open Sockets is the maximum number of open sockets allowed in the server at a given point in time; when this threshold is reached, the server stops accepting new requests until the number of sockets drops below the threshold. Login Timeout is the login timeout for the server's plain-text (non-SSL) port, in milliseconds. Accept Backlog is the allowed backlog of new TCP connection requests for both the plain-text and SSL ports. Configuring these parameters protects against denial-of-service attacks.

An attacker can cause a Denial of Service of the server if the network parameters are not tuned properly.

Solution

1. Open the Administration Console.
2. In the left pane, select Environment -> Servers.
3. Select the corresponding server.
4. Go to the Tuning tab.
5. Set the following parameters:
- Login Timeout - This is the maximum amount of time allowed for a new connection to establish. Set this to 5000.
- Maximum Open Sockets - Set this value to a finite number.
- Accept Backlog - This is the number of backlogged, new TCP connection requests that should be allowed for this server's regular and SSL ports. Set this to 300.
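The settings above can also be verified offline against a domain's config.xml. The following is an added example, not part of the original audit or of Oracle's tooling. It assumes the three console fields are stored per server as the elements `login-timeout-millis`, `accept-backlog` and `max-open-sock-count`, and it treats an element that is absent from the file as a finding because the value was never set explicitly.

```python
import xml.etree.ElementTree as ET

# Assumption: config.xml element names for the console fields named in the audit.
# Each check encodes the value the audit asks for.
CHECKS = {
    "login-timeout-millis": lambda v: v == 5000,  # Login Timeout: set to 5000
    "accept-backlog": lambda v: v == 300,         # Accept Backlog: set to 300
    "max-open-sock-count": lambda v: v > 0,       # Maximum Open Sockets: finite
}

# Constructed sample input, not taken from a real domain.
SAMPLE_CONFIG = """<domain xmlns="http://xmlns.oracle.com/weblogic/domain">
  <server>
    <name>AdminServer</name>
    <max-open-sock-count>1024</max-open-sock-count>
    <login-timeout-millis>5000</login-timeout-millis>
    <accept-backlog>300</accept-backlog>
  </server>
  <server>
    <name>managed1</name>
    <max-open-sock-count>-1</max-open-sock-count>
    <accept-backlog>50</accept-backlog>
  </server>
</domain>"""

def local(tag):
    # Drop the "{namespace}" prefix ElementTree puts on every tag.
    return tag.rsplit("}", 1)[-1]

def audit_servers(xml_text):
    """Return {server name: [findings]}; an empty list means the server passes."""
    findings = {}
    root = ET.fromstring(xml_text)
    for server in (e for e in root if local(e.tag) == "server"):
        values = {local(c.tag): (c.text or "").strip() for c in server}
        problems = []
        for element, ok in CHECKS.items():
            raw = values.get(element)
            try:
                passed = raw is not None and ok(int(raw))
            except ValueError:  # non-numeric value in the file
                passed = False
            if not passed:
                problems.append(f"{element}={raw if raw is not None else 'unset'}")
        findings[values.get("name", "<unnamed>")] = problems
    return findings

if __name__ == "__main__":
    for name, problems in audit_servers(SAMPLE_CONFIG).items():
        print(name, "PASS" if not problems else "FAIL: " + ", ".join(problems))
```

To check a real domain, pass the contents of its config.xml to `audit_servers` in place of the sample.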

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-5

Plugin: Unix

Control ID: a51f8ffb974feb6cce320ea63b0fd8d77dc863bdeb5197c5208054e0a2abdd7b