STIGQter STIGQter: STIG Summary: Solaris 10 X86 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

The SSH daemon must only listen on management network addresses unless authorized for uses other than management.

DISA Rule

SV-227892r603266_rule

Vulnerability Number

V-227892

Group Title

SRG-OS-000480

Rule Version

GEN005504

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Edit the SSH daemon configuration to specify listening network addresses designated for management traffic.

Check Contents

Check the SSH daemon configuration for listening network addresses.
# grep -i Listen /etc/ssh/sshd_config | grep -v '^#'
If no configuration is returned, or if a returned Listen configuration contains addresses not designated for management traffic, this is a finding.

Vulnerability Number

V-227892

Documentable

False

Rule Version

GEN005504

Severity Override Guidance

Check the SSH daemon configuration for listening network addresses.
# grep -i Listen /etc/ssh/sshd_config | grep -v '^#'
If no configuration is returned, or if a returned Listen configuration contains addresses not designated for management traffic, this is a finding.

Check Content Reference

M

Target Key

4061

Comments