Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-827 | GEN003900 | SV-45812r1_rule | | Medium |
Description |
---|
Having the '+' character in the hosts.lpd (or equivalent) file allows all hosts to use local system print resources. |
STIG | Date |
---|---|
SUSE Linux Enterprise Server v11 for System z | 2016-12-20 |
Check Text ( C-43133r1_chk ) |
---|
Look for the presence of a print service configuration file. |
Procedure: |
`# find /etc -name hosts.lpd -print` |
`# find /etc -name Systems -print` |
`# find /etc -name printers.conf` |
If none of the files are found, this check should be marked Not Applicable. Otherwise, examine the configuration file. |
Procedure: |
`# more` |
Check for entries that contain a ‘+’ or ‘_’ character. If any are found, this is a finding. |
For the "cups" print service, verify remote host access is limited. |
`# grep -i Listen /etc/cups/cupsd.conf` |
The /etc/cups/cupsd.conf file must not contain a Listen *: |
If the network address of the "Listen" line is unrestricted, this is a finding. |
`# grep -i "Allow From" /etc/cups/cupsd.conf` |
The "Allow From" line within the " |
If the "Allow From" line contains "All", this is a finding. |
Fix Text (F-39202r1_fix) |
---|
Remove the '+' entries from the hosts.lpd (or equivalent) file. Configure cups to use only the localhost or specified remote hosts. |
Procedure: |
Modify the /etc/cups/cupsd.conf file to "Listen" only to the local machine or a known set of hosts (i.e., Listen localhost:631). |
Modify the /etc/cups/cupsd.conf file " |
Restart cups: `# rccups restart` |
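
The conditions named in the Check Text, scripted as an added example (not part of the STIG): it prints hosts.lpd-style entries containing '+' or '_' and cupsd.conf lines with an unrestricted "Listen" address or "Allow From All". The function names and sample files are constructed for illustration, and treating 0.0.0.0 and [::] as unrestricted is an assumption beyond the check text.

```shell
#!/bin/sh
# Added example, not STIG content. Sample files below are constructed.

# Print hosts.lpd-style entries containing '+' or '_' (comment lines skipped).
lpd_findings() {
    grep -v '^[[:space:]]*#' "$1" | grep '[+_]' || true
}

# Print cupsd.conf lines that open the service to every host:
# "Listen *:<port>" and "Allow from all". Matching 0.0.0.0 and [::] as
# wildcard addresses is an assumption that goes beyond the check text.
cups_findings() {
    grep -v '^[[:space:]]*#' "$1" | grep -i -E \
        -e '^[[:space:]]*Listen[[:space:]]+(\*|0\.0\.0\.0|\[::\]):' \
        -e '^[[:space:]]*Allow[[:space:]]+from[[:space:]]+all([[:space:]]|$)' \
        || true
}

demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT

cat > "$demo_dir/hosts.lpd" <<'EOF'
# constructed sample
printhost1.example.com
+
EOF
cat > "$demo_dir/cupsd.bad" <<'EOF'
Listen *:631
<Location />
  Order allow,deny
  Allow From All
</Location>
EOF
cat > "$demo_dir/cupsd.good" <<'EOF'
Listen localhost:631
<Location />
  Order allow,deny
  Allow From 127.0.0.1
</Location>
EOF

# Any line printed under a file name is a finding for that file.
echo "hosts.lpd:";  lpd_findings  "$demo_dir/hosts.lpd"
echo "cupsd.bad:";  cups_findings "$demo_dir/cupsd.bad"
echo "cupsd.good:"; cups_findings "$demo_dir/cupsd.good"
```

Empty output from either function means no finding for that file; on a real system, pass the paths located by the `find` commands and `/etc/cups/cupsd.conf`.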