Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-845 | GEN004980 | SV-845r2_rule | ECAR-1 ECAR-2 ECAR-3 | Low |
Description |
---|
Verbose FTP logging allows the examination of events involving FTP account activity, including login/logout events and file transfers. Without this configuration, logs necessary for troubleshooting or analyzing security incidents will be incomplete. |
STIG | Date |
---|---|
VMware ESX 3 Server | 2016-05-13 |
Check Text ( C-710r3_chk ) |
---|
Examine the FTP daemon service configuration. # grep ftpd /etc/inetd.conf, Check the line for ftpd and determine if the -l or -v options are present. If not, this is a finding. |
Fix Text (F-999r2_fix) |
---|
Edit the FTP daemon configuration in /etc/inetd.conf and add the "-l" or "-v" options (as appropriate) to enable verbose logging. |