Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-982 | GEN003160 | SV-27352r1_rule | ECAR-1 ECAR-2 ECAR-3 | Medium |
Description |
---|
Cron logging can be used to trace the successful or unsuccessful execution of cron jobs. It can also be used to spot intrusions into the use of the cron facility by unauthorized and malicious users. |
STIG | Date |
---|---|
Red Hat Enterprise Linux 5 Security Technical Implementation Guide | 2013-04-10 |
Check Text ( C-28494r1_chk ) |
---|
# grep cron /etc/syslog.conf If cron logging is not configured, this is a finding. Check the configured cron log file found in the cron entry of /etc/syslog (normally /var/log/cron). # ls -lL /var/log/cron If this file does not exist, or is older than the last cron job, this is a finding. |
Fix Text (F-31389r1_fix) |
---|
Edit /etc/syslog.conf and setup cron logging. |