A failover group signature is not configured on all Sun Ray servers in the failover group.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-16155 | SUN0210 | SV-17144r1_rule | ECSC-1 | Medium |
| Description |
|---|
| Without the use of a failover group signature, an unauthorized Sun Ray server may become a member of the group, thereby receiving replication traffic. Servers in a group authenticate one another using a common group signature. The group signature is a key used to sign messages sent between servers in a group, and it must be configured to be identical on each server. |
| STIG | Date |
|---|---|
| Sun Ray 4 STIG | 2015-04-02 |
Details
| Check Text ( C-17193r1_chk ) |
|---|
| On the Sun Ray server, perform the following: # find /etc/opt/SUNWut/ -name gmSignature If no results are returned, this is a finding. |
| Fix Text (F-16258r1_fix) |
|---|
| Configure a failover group signature to ensure only authorized servers are members of the group. |