STIGQter STIGQter: STIG Summary: SOLARIS 9 X86 SECURITY TECHNICAL IMPLEMENTATION GUIDE Version: 1 Release: 9 Benchmark Date: 23 Oct 2015: The syslog daemon must not accept remote messages unless it is a syslog server documented using site-defined procedures.

DISA Rule

SV-28430r1_rule

Vulnerability Number

V-12021

Group Title

GEN005480

Rule Version

GEN005480

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Edit /etc/default/syslogd and set the LOG_FROM_REMOTE parameter to "no".
Restart the syslog service.

Check Contents

Determine if the syslog daemon accepts remote messages.
# ps -ef | grep syslogd
If the -t option is not present, this is a finding.

# grep LOG_FROM_REMOTE /etc/default/syslogd | grep -i no
If the LOG_FROM_REMOTE setting is not set to no, this is a finding.

Vulnerability Number

V-12021

Documentable

False

Rule Version

GEN005480

Severity Override Guidance

Determine if the syslog daemon accepts remote messages.
# ps -ef | grep syslogd
If the -t option is not present, this is a finding.

# grep LOG_FROM_REMOTE /etc/default/syslogd | grep -i no
If the LOG_FROM_REMOTE setting is not set to no, this is a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

22

Comments