Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-836 | GEN004460 | SV-39155r1_rule | ECSC-1 ECAR-1 ECAR-2 ECAR-3 | Medium |
Description |
---|
If informational and more severe SMTP service messages are not logged, malicious activity on the system may go unnoticed. |
STIG | Date |
---|---|
AIX 5.3 SECURITY TECHNICAL IMPLEMENTATION GUIDE | 2014-10-03 |
Check Text ( C-38139r1_chk ) |
---|
Check the syslog configuration file for mail.crit logging configuration. The syslog.conf file critical mail logging option line will typically appear as one of the following examples: mail.crit /var/log/syslog *.crit /var/log/syslog mail.* /var/log/syslog Procedure: # more /etc/syslog.conf If syslog is not configured to log critical Sendmail messages, this is a finding. |
Fix Text (F-33411r1_fix) |
---|
Edit the syslog.conf file and add a configuration line specifying an appropriate destination for mail.crit syslogs. |