Threat I.DA.I.8

URI: I.DA.I.8

Description: Access to Host from LogicalSubnet enabled: if the network connection between Host and LogicalSubnet is in service, then messages addressed to Host will be accepted via that connection, unless blocked by a firewall policy.

Threat Type: Primary Threat

Matching Pattern:

MP-I

Finds a solo Interface, plus the associated host and subnet (which is not a hotspot) and optionally the host manager.

(empty)

ConnectionsAllowed at Role_Interface

CSG-BlockInterface

Apply a default firewall rule at host Host to drop messages sent to the host from subnet LogicalSubnet, unless they are service requests or responses.

Threat I.DA.I.8

MP-I

Triggered by Threat (0)

Triggers Secondary Threats (0)

Triggered By Control Strategy (0)

Misbehaviour Sets (1)

Control Strategies (1)