OL6-00-000339 - The FTP daemon must be configured for logging or verbose mode - 'log_ftp_protocol'

Information

To trace malicious activity facilitated by the FTP service, the service must be configured so that all commands sent to the FTP server are logged using the verbose vsftpd log format. The default vsftpd log file is /var/log/vsftpd.log.

Solution

Add or correct the following configuration options within the 'vsftpd' configuration file, located at '/etc/vsftpd/vsftpd.conf'.

xferlog_enable=YES
xferlog_std_format=NO
log_ftp_protocol=YES
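
A shell check for the three options above, added here as an example; it is not part of the STIG or of the audit plugin. The function names effective_value and check_vsftpd_logging are hypothetical, and the check assumes that a repeated option takes its last value and that values must match the Solution exactly as written.

```shell
#!/bin/sh
# Added example: verify the vsftpd logging options required by OL6-00-000339.
# Assumptions: "option=value" lines with no spaces around '=', '#' starts a
# comment line, and a repeated option takes the value of its last occurrence.

# effective_value FILE OPTION -> prints the last uncommented value (empty if unset)
effective_value() {
    awk -F= -v opt="$2" '
        /^[ \t]*#/ { next }                              # skip comment lines
        $1 == opt  { val = substr($0, length(opt) + 2) } # keep the last assignment
        END        { sub(/[ \t\r]+$/, "", val); print val }
    ' "$1"
}

# check_vsftpd_logging [FILE] -> 0 compliant, 1 finding, 2 file unreadable
check_vsftpd_logging() {
    conf="${1:-/etc/vsftpd/vsftpd.conf}"
    rc=0
    if [ ! -r "$conf" ]; then
        echo "ERROR: cannot read $conf" >&2
        return 2
    fi
    for want in xferlog_enable=YES xferlog_std_format=NO log_ftp_protocol=YES; do
        opt="${want%%=*}"
        expected="${want#*=}"
        actual="$(effective_value "$conf" "$opt")"
        if [ "$actual" = "$expected" ]; then
            echo "PASS: $opt=$actual"
        else
            echo "FAIL: $opt is '${actual:-unset}', expected $expected"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample: one option is only present as a comment, one is repeated.
sample="$(mktemp)"
printf '%s\n' '#log_ftp_protocol=YES' 'xferlog_enable=NO' 'xferlog_enable=YES' \
    'xferlog_std_format=NO' > "$sample"
check_vsftpd_logging "$sample" || echo "Finding: $sample does not meet OL6-00-000339"
rm -f "$sample"
```

Call check_vsftpd_logging with no argument to test /etc/vsftpd/vsftpd.conf on the host itself.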

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_6_V2R7_STIG.zip

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-3, CAT|III, CCI|CCI-000130, Rule-ID|SV-209041r793762_rule, STIG-ID|OL6-00-000339, STIG-Legacy|SV-64945, STIG-Legacy|V-50739, Vuln-ID|V-209041

Plugin: Unix

Control ID: cdec5a806dcfadf4ebb828b19d5c95cdc60b24499f796d6053a92a42c8698baf