STIGQter STIGQter: STIG Summary: VMware ESX 3 Server Version: 1 Release: 2 Benchmark Date: 22 Jul 2016: The SSH daemon must only listen on management network addresses unless authorized for uses other than management.

DISA Rule

SV-26750r1_rule

Vulnerability Number

V-22457

Group Title

GEN005504

Rule Version

GEN005504

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Edit the SSH daemon configuration to specify listening network addresses designated for management traffic.

Check Contents

Check the SSH daemon configuration for listening network addresses.
# grep -i Listen /etc/ssh/sshd_config | grep -v '^#'
If no configuration is returned, or if a returned Listen configuration contains addresses not designated for management traffic, this is a finding.

Vulnerability Number

V-22457

Documentable

True

Rule Version

GEN005504

Severity Override Guidance

Check the SSH daemon configuration for listening network addresses.
# grep -i Listen /etc/ssh/sshd_config | grep -v '^#'
If no configuration is returned, or if a returned Listen configuration contains addresses not designated for management traffic, this is a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

1386

Comments