From Remote Endpoint STIG
Part of SRC-EPT-430 Firewall inbound traffic log
Associated with IA controls: ECSC-1
Logs are needed in the event that an attack was successful or in order to detect potentially malicious activity. (Remote Only)
Have the SA or NSO demonstrate the configuration of the personal firewall. The method of access to the firewall configuration will vary with the actual software. However, in general, the configuration can be viewed by clicking on the program icon in the desktop tray or by using the Start menu. Navigate to the Alerts configuration menu or tab and verify that the setting to log alerts is enabled. At a minimum, all inbound connections from the Internet Zone must be logged to a text file. If the log alerts setting is not enabled in the personal firewall software, this is a finding.
Configure the firewall to log in bound connections.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer