STIGQter: STIG Summary: Solaris 10 X86 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

The FTP daemon must be configured for logging or verbose mode.

DISA Rule

SV-227861r603266_rule

Vulnerability Number

V-227861

Group Title

SRG-OS-000037

Rule Version

GEN004980

Severity

CAT III

CCI(s)

CCI-000130 - The information system generates audit records containing information that establishes what type of event occurred.

Weight

Fix Recommendation

Add the -l option to the exec name-value pair used by SMF to invoke the FTP daemon.
# inetadm -m ftp exec="/usr/sbin/in.ftpd [other options] -l"
Refresh inetd.
# svcadm refresh inetd

Check Contents

Verify the FTP daemon is invoked with the -l option by SMF.
# inetadm -l ftp | grep in.ftpd
If the exec name-value pair does not include the -l option for in.ftpd, this is a finding.

Vulnerability Number

V-227861

Documentable

False

Rule Version

GEN004980

Severity Override Guidance

Verify the FTP daemon is invoked with the -l option by SMF.
# inetadm -l ftp | grep in.ftpd
If the exec name-value pair does not include the -l option for in.ftpd, this is a finding.

Check Content Reference

Target Key

4061

The FTP daemon must be configured for logging or verbose mode.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments