The OS X firewall must have logging enabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-51677 | OSX8-00-00950 | SV-65887r1_rule | Medium |
| Description |
|---|
| Firewall logging must be enabled. This requirement is NA if HBSS is used. |
| STIG | Date |
|---|---|
| Apple OS X 10.8 (Mountain Lion) Workstation STIG | 2015-02-10 |
Details
| Check Text ( C-53981r1_chk ) |
|---|
| To check if the OS X firewall has logging enabled, run the following command: /usr/libexec/ApplicationFirewall/socketfilterfw --getloggingmode | grep on If the result is not enabled, this is a finding. |
| Fix Text (F-56475r1_fix) |
|---|
| To enable the firewall logging, run the following command: /usr/libexec/ApplicationFirewall/socketfilterfw --setloggingmode on |