AIX7-00-002131 - AIX must implement a remote syslog server that is documented using site-defined procedures.

Information

If a remote log host is in use and it has not been justified and documented, sensitive information could be obtained by unauthorized users without the administrator's knowledge.

Satisfies: SRG-OS-000480-GPOS-00227, SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224

Solution

Edit the /etc/syslog.conf file to include a documented and approved remote log host.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_IBM_AIX_7-x_V2R9_STIG.zip

Item Details

Category: AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

References: 800-53|AU-4(1), 800-53|CM-6b., CAT|II, CCI|CCI-000366, CCI|CCI-001851, Rule-ID|SV-215312r853479_rule, STIG-ID|AIX7-00-002131, STIG-Legacy|SV-101755, STIG-Legacy|V-91657, Vuln-ID|V-215312

Plugin: Unix

Control ID: 7df22f4be462d512f5d416d40d9c86adbd9b9c8197f1c0fdea93e0eccdd6b43c