Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-836 | GEN004460 | SV-39155r1_rule | ECSC-1 | Medium |
Description |
---|
If informational and more severe SMTP service messages are not logged, malicious activity on the system may go unnoticed. |
STIG | Date |
---|---|
Draft AIX Security Technical Implementation Guide | 2011-08-17 |
Check Text ( C-38139r1_chk ) |
---|
Check the syslog configuration file for mail.crit logging configuration. The syslog.conf file critical mail logging option line will typically appear as one of the following examples: mail.crit /var/log/syslog *.crit /var/log/syslog mail.* /var/log/syslog. Procedure: # more /etc/syslog.conf If syslog is not configured to log critical Sendmail messages, this is a finding. |
Fix Text (F-33411r1_fix) |
---|
Edit the syslog.conf file and add a configuration line specifying an appropriate destination for mail.crit syslogs. |