Threat SC.IS.SCmSg.8.1

URI: SC.IS.SCmSg.8.1

Description: Privileged channel between Client and Service in service: if all routes via gateways plus the final interface to the service host are enabled despite any default firewall rules, then the network path from Client is open and could potentially be exploited in other threats.

Threat Type: Primary Threat

Matching Pattern:

MP-SCmSg

Finds a Service Channel traversing at least one logical segment, plus its Client and Service, and network interfaces.

(empty)

P.O.PILSsSC.0

Service Service running on host SHost overloaded by messages from LogicalSubnet: if the interface between SHost and LogicalSubnet is overloaded, and service Service is listening for client messages on that interface, then the overload also affects Service.

(empty)

InService at Role_ServiceChannel

CSG-DisableServiceChannel

Firewall rules that normally allow access to service Service by clients on otherwise blocked network paths are switched off. This strategy represents a permanent restriction introduced by design or in accordance with an operational policy or user preference to avoid accessing Service over certain networks. It may also arise as a side effect of a run-time response to a more specific threat. In either case, it triggers threats representing side effects that would be caused by such a restriction where they affect all available network paths used by a client.

Threat SC.IS.SCmSg.8.1

MP-SCmSg

Triggered by Threat (0)

Triggers Secondary Threats (1)

P.O.PILSsSC.0

Triggered By Control Strategy (0)

Misbehaviour Sets (1)

Control Strategies (1)