STIGQter: STIG Summary: VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The SLES for vRealize must monitor remote access methods - SSH Daemon.

DISA Rule

SV-99021r1_rule

Vulnerability Number

V-88371

Group Title

SRG-OS-000032-GPOS-00013

Rule Version

VROM-SL-000070

Severity

CAT II

CCI(s)

• CCI-000067 - The information system monitors remote access methods.

Weight

10

Fix Recommendation

To configure SSH to verbosely log connection attempts and failed logon attempts to the server, run the following command:

# sed -i 's/^.*\bLogLevel\b.*$/LogLevel VERBOSE/' /etc/ssh/sshd_config

The SSH service will need to be restarted after the above change has been made to SSH. This can be done by running the following command:

# service sshd restart

Check Contents

Verify that SSH is configured to verbosely log connection attempts and failed logon attempts to the server by running the following command:

# grep LogLevel /etc/ssh/sshd_config | grep -v '#'

The output message must contain the following text:

LogLevel VERBOSE

If it is not set to "VERBOSE", this is a finding.

Vulnerability Number

V-88371

Documentable

False

Rule Version

VROM-SL-000070

Severity Override Guidance

Verify that SSH is configured to verbosely log connection attempts and failed logon attempts to the server by running the following command:

# grep LogLevel /etc/ssh/sshd_config | grep -v '#'

The output message must contain the following text:

LogLevel VERBOSE

If it is not set to "VERBOSE", this is a finding.

Check Content Reference

M

Target Key

3461

Comments