Details
Remote access can be exploited by an attacker to compromise the server. By recording all remote access activities, it will be possible to determine the attacker's location, intent, and degree of success.
VAMI uses the 'mod_accesslog' module to log information relating to remote requests. These logs can then be piped to external monitoring systems.
Satisfies: SRG-APP-000016-WSR-000005
Solution
Navigate to and open /opt/vmware/etc/lighttpd/lighttpd.conf.
Add the following value in the 'server.modules' section:
mod_accesslog
The result should be similar to the following:
server.modules = (
'mod_access',
'mod_accesslog',
'mod_proxy',
'mod_cgi',
'mod_rewrite',
'mod_magnet',
'mod_setenv',
# 7
)
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Access Control, Audit and Accountability.This control applies to the following type of system Unix.
References
- 800-53|AC-17(1)
- 800-53|AU-14(2)
- CAT|II
- CCI|CCI-000067
- CCI|CCI-001462
- Rule-ID|SV-239718r679338_rule
- STIG-ID|VCLD-67-000004
- Vuln-ID|V-239718
Comments
Please sign in to leave a comment.