STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:

The AIX syslog daemon must not accept remote messages unless it is a syslog server documented using site-defined procedures.

DISA Rule

SV-215313r508663_rule

Vulnerability Number

V-215313

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

AIX7-00-002132

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Change the "syslogd" arguments in the src subsystem control and restart the "syslogd" daemon using the following commands:
# chssys -s syslogd -a '-R'
# stopsrc -s syslogd
# startsrc -s syslogd

Check Contents

Verify "syslogd" is running with the "-R" option using command:
# ps -ef | grep syslogd | grep -v grep

The above command should yield the following output:
root 4063356 3342368 0 Sep 11 - 0:01 /usr/sbin/syslogd -R

If the "-R" option is not present with the syslogd process, this is a finding.

Vulnerability Number

V-215313

Documentable

False

Rule Version

AIX7-00-002132

Severity Override Guidance

Verify "syslogd" is running with the "-R" option using command:
# ps -ef | grep syslogd | grep -v grep

The above command should yield the following output:
root 4063356 3342368 0 Sep 11 - 0:01 /usr/sbin/syslogd -R

If the "-R" option is not present with the syslogd process, this is a finding.

Check Content Reference

M

Target Key

4012

Comments