Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-836 | GEN004460 | SV-836r2_rule | ECSC-1 | Medium |
Description |
---|
If informational and more severe SMTP service messages are not logged, malicious activity on the system may go unnoticed. |
STIG | Date |
---|---|
VMware ESX 3 Server | 2016-05-13 |
Check Text ( C-617r2_chk ) |
---|
Check the syslog configuration file for mail.crit logging configuration. Procedure: # more /etc/syslog.conf Verify a line similar to one of the following lines is present in syslog.conf is configured so that critical mail log data is logged. (Critical log data may also be captured by a remote log host in accordance with GEN005460.) mail.crit /var/adm/messages *.crit /var/log/messages If syslog is not configured to log critical Sendmail messages, this is a finding. |
Fix Text (F-990r2_fix) |
---|
Edit the syslog.conf file and add a configuration line specifying an appropriate destination for mail.crit syslogs. |