STIGQter: STIG Summary: Solaris 10 X86 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

Inetd or xinetd logging/tracing must be enabled.

DISA Rule

SV-227820r603266_rule

Vulnerability Number

V-227820

Group Title

SRG-OS-000041

Rule Version

GEN003800

Severity

CAT III

CCI(s)

• CCI-000134 - The information system generates audit records containing information that establishes the outcome of the event.

Weight

10

Fix Recommendation

Enable logging or tracing for inetd.

Procedure:
# inetadm -M tcp_trace=TRUE

Set the tcp_trace inet service property to the default for all enabled inetd-managed services.

# inetadm | grep enabled | awk '{print $NF}' | xargs -I X inetadm -m X tcp_trace=

(Note: The trailing '=' instructs inetd to use the default value for tcp_trace.)

Check Contents

Verify the default value of the inet service property tcp_trace.
# inetadm -p |grep tcp_trace

If the tcp_trace inet service property is not set or is set to FALSE, this is a finding.

Verify that all enabled inetd-managed processes have the tcp_trace inet service property set to the default value or TRUE.
# inetadm | grep enabled | awk '{print $NF}' | xargs inetadm -l | more

If any enabled inetd-managed processes have the tcp_trace inet service property set to FALSE, this is a finding.

Vulnerability Number

V-227820

Documentable

False

Rule Version

GEN003800

Severity Override Guidance

Verify the default value of the inet service property tcp_trace.
# inetadm -p |grep tcp_trace

If the tcp_trace inet service property is not set or is set to FALSE, this is a finding.

Verify that all enabled inetd-managed processes have the tcp_trace inet service property set to the default value or TRUE.
# inetadm | grep enabled | awk '{print $NF}' | xargs inetadm -l | more

If any enabled inetd-managed processes have the tcp_trace inet service property set to FALSE, this is a finding.

Check Content Reference

M

Target Key

4061

Comments