Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-845 | GEN004980 | SV-40816r1_rule | ECAR-1 ECAR-2 ECAR-3 | Low |
Description |
---|
The -l option allows basic logging of connections. The verbose (on HP) and the debug (on Solaris) allow logging of what files the FTP session transferred. This extra logging makes it possible to easily track which files are being transferred onto or from a system. If they are not configured, the only option for tracking is the audit files. The audit files are much harder to read. If auditing is not properly configured, then there would be no record at all of the file transfer transactions. |
STIG | Date |
---|---|
SOLARIS 10 X86 SECURITY TECHNICAL IMPLEMENTATION GUIDE | 2018-04-10 |
Check Text ( C-39540r1_chk ) |
---|
Verify the FTP daemon is invoked with the -l option by SMF. # inetadm -l ftp | grep in.ftpd If the exec name-value pair does not include the -l option for in.ftpd, this is a finding. |
Fix Text (F-34676r1_fix) |
---|
Add the -l option to the exec name-value pair used by SMF to invoke the FTP daemon. # inetadm -m ftp exec="/usr/sbin/in.ftpd [other options] -l" Refresh inetd. # svcadm refresh inetd |