From SOLARIS 10 SPARC SECURITY TECHNICAL IMPLEMENTATION GUIDE
Part of GEN004980
Associated with IA controls: ECAR-3, ECAR-2, ECAR-1
Associated with: CCI-000130
The -l option allows basic logging of connections. The verbose (on HP) and the debug (on Solaris) allow logging of what files the FTP session transferred. This extra logging makes it possible to easily track which files are being transferred onto or from a system. If they are not configured, the only option for tracking is the audit files. The audit files are much harder to read. If auditing is not properly configured, then there would be no record at all of the file transfer transactions.
Verify the FTP daemon is invoked with the -l option by SMF. # inetadm -l ftp | grep in.ftpd If the exec name-value pair does not include the -l option for in.ftpd, this is a finding.
Add the -l option to the exec name-value pair used by SMF to invoke the FTP daemon. # inetadm -m ftp exec="/usr/sbin/in.ftpd [other options] -l" Refresh inetd. # svcadm refresh inetd
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer