STIGQter: STIG Summary:

VMware vSphere 6.7 Perfcharts Tomcat Security Technical Implementation Guide

Version: 1

Release: 1

Benchmark Date: 09 Mar 2021

SV-239402r674929_rule: Performance Charts must limit the amount of time that each TCP connection is kept alive.
SV-239403r717041_rule: Performance Charts must limit the number of concurrent connections permitted.
SV-239404r674935_rule: Performance Charts must limit the maximum size of a POST request.
SV-239405r674938_rule: Performance Charts must protect cookies from cross-site scripting (XSS).
SV-239406r675021_rule: Performance Charts must record user access in a format that enables monitoring of remote access.
SV-239407r674944_rule: Performance Charts must generate log records for system startup and shutdown.
SV-239408r674947_rule: Performance Charts log files must only be modifiable by privileged users.
SV-239409r674950_rule: Performance Charts application files must be verified for their integrity.
SV-239410r674953_rule: Performance Charts must only run one web app.
SV-239411r674956_rule: Performance Charts must not be configured with unsupported realms.
SV-239412r674959_rule: Performance Charts must have Multipurpose Internet Mail Extensions (MIME) that invoke OS shell programs disabled.
SV-239413r674962_rule: Performance Charts must have mappings set for Java servlet pages.
SV-239414r674965_rule: Performance Charts must not have the Web Distributed Authoring (WebDAV) servlet installed.
SV-239415r674968_rule: Performance Charts must be configured with memory leak protection.
SV-239416r674971_rule: Performance Charts must not have any symbolic links in the web content directory tree.
SV-239417r674974_rule: Performance Charts directory tree must have permissions in an "out-of-the box" state.
SV-239418r674977_rule: Performance Charts must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.
SV-239419r674980_rule: Performance Charts must limit the number of allowed connections.
SV-239420r674983_rule: Performance Charts must set "URIEncoding" to UTF-8.
SV-239421r674986_rule: Performance Charts must use the "setCharacterEncodingFilter" filter.
SV-239422r674989_rule: Performance Charts must set the welcome-file node to a default web page.
SV-239423r674992_rule: Performance Charts must not show directory listings.
SV-239424r674995_rule: Performance Charts must be configured to show error pages with minimal information.
SV-239425r674998_rule: Performance Charts must not enable support for TRACE requests.
SV-239426r675001_rule: Performance Charts must have the debug option turned off.
SV-239427r675004_rule: Performance Charts must properly configure log sizes and rotation.
SV-239428r675007_rule: Rsyslog must be configured to monitor and ship Performance Charts log files.
SV-239429r675010_rule: Performance Charts must be configured with the appropriate ports.
SV-239430r675013_rule: Performance Charts must disable the shutdown port.
SV-239431r675016_rule: Performance Charts must set the secure flag for cookies.
SV-239432r675019_rule: Performance Charts must be configured to limit access to internal packages.