STIGQter: STIG Summary: Solaris 10 SPARC Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

The SSH daemon must only listen on management network addresses unless authorized for uses other than management.

DISA Rule

SV-226985r603265_rule

Vulnerability Number

V-226985

Group Title

SRG-OS-000480

Rule Version

GEN005504

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Edit the SSH daemon configuration to specify listening network addresses designated for management traffic.

Check Contents

Check the SSH daemon configuration for listening network addresses.
# grep -i Listen /etc/ssh/sshd_config | grep -v '^#'
If no configuration is returned, or if a returned Listen configuration contains addresses not designated for management traffic, this is a finding.

Vulnerability Number

V-226985

Documentable

False

Rule Version

GEN005504

Severity Override Guidance

Check the SSH daemon configuration for listening network addresses.
# grep -i Listen /etc/ssh/sshd_config | grep -v '^#'
If no configuration is returned, or if a returned Listen configuration contains addresses not designated for management traffic, this is a finding.

Check Content Reference

M

Target Key

4060

Comments