From Sun Ray 4 STIG
Part of Sun Ray Server does not record log files.
Associated with IA controls: ECAR-3, ECAR-2, ECAR-1
Logs form a recorded history or audit trail of the Sun Ray server system events, making it easier for system administrators to track down intermittent problems, review past events, and piece together information if an investigation is required. Without this recorded history, potential attacks and suspicious activity will go unnoticed.
1. Verify that syslogd is running on the system. Perform the following: # ps –ef | grep syslogd If nothing is returned, this is a finding. 2. Verify /etc/syslog.conf is configured with the following entries: # cat /etc/syslog.conf User.info /var/opt/SUNWut/log/messages Local1.info /var/opt/SUNWut/log/admin_log If these two entries are missing, this is a finding. 3. Critical Sun Ray log files are the administration, authentication, automatic mounting, mass storage devices, messages, and web administration. Significant activity is recorded in the following log files. Verify that these files are being written to by performing the following: # ls -Ll /var/opt/SUNWut/log | awk ‘{if ($5 ~ /^0$/ print}’ If any of the following log files are returned this is a finding. admin_log auth_log utmountd.log utstoraged.log messages utwebadmin.log Example of log file with zero byte (0) size. (i.e. –rw-r----- 1 root utadmin 0 Jun 29 utmountd.log) If these logs are being written to an external syslog server, review that server to ensure the logs are being recorded.
Record Sun Ray server activity to log files.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer