3.6 - Insecure 'Idle Timeout' setting

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The maximum number of seconds that a connection is allowed to be idle before it is closed by the server.

Large number of idle connections consumes system resources. This may lead to a possible denial of service.

Solution

1. Open Administration Console, click Lock & Edit.
2. In the left pane select Environment->servers.
3. On the right pane select the corresponding server
4. Go to Protocols->General
5. Change the 'Idle Connection Timeout' setting to 65 seconds.

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-5

Plugin: Unix

Control ID: e1bc7a2868afdf630fcf994c2061eee201b6573b667a9f94ed3863db00c9190d