The RAS or communications server will be configured to limit the number of concurrent connections from the remote user.

From Remote Access Server STIG

Part of SRC-NET-080 Number of concurrent logins

Associated with IA controls: ECSC-1

SV-23844r1_rule The RAS or communications server will be configured to limit the number of concurrent connections from the remote user.

Vulnerability discussion

The number of concurrent logins will be limited in order to guard against the potential for Denial of Service attacks. Recommended setting should be based on usage trends and the number of approved remote users in the organization.

Check content

Work with the SA to examine the RAS. Verify the setting for the number of concurrent end user remote sessions is not set to a value which means unlimited. Value set should be reasonable based on local policy.

Fix text

Ensure the setting for the number of conncurrent end user remote sessions is set to a resonable value and is not unlimited.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer