Threat SC.IS.SCpSg.8.1

URI: SC.IS.SCpSg.8.1

Description: Privileged channel between Client and Service in service: if access to Service from LogicalSubnet is enabled despite any default firewall rules, then the network path from Client is open and could potentially be exploited in other threats.

Threat Type: Primary Threat

Matching Pattern:

MP-SCpSg

Finds a Service Channel that traverses no logical segments, plus its Client and Service, and network interfaces.

(empty)

P.O.PILSsSC.0

Service Service running on host SHost overloaded by messages from LogicalSubnet: if the interface between SHost and LogicalSubnet is overloaded, and service Service is listening for client messages on that interface, then the overload also affects Service.

(empty)

InService at Role_ServiceChannel

CSG-DisableServiceChannel

Firewall rules that normally allow access to service Service by clients on otherwise blocked network paths are switched off. This strategy represents a permanent restriction introduced by design or in accordance with an operational policy or user preference to avoid accessing Service over certain networks. It may also arise as a side effect of a run-time response to a more specific threat. In either case, it triggers threats representing side effects that would be caused by such a restriction where they affect all available network paths used by a client.

Threat SC.IS.SCpSg.8.1

MP-SCpSg

Triggered by Threat (0)

Triggers Secondary Threats (1)

P.O.PILSsSC.0

Triggered By Control Strategy (0)

Misbehaviour Sets (1)

Control Strategies (1)