Check: GEN005201
Solaris 10 X86 STIG:
GEN005201
(in versions v2 r4 through v2 r2)
Title
X11 forwarding for SSH must be disabled. (Cat II impact)
Discussion
Enabling X11 Forwarding on the host can permit a malicious user to secretly open another X11 connection to another remote client during the session and perform unobtrusive activities such as keystroke monitoring. If the X11 services are not required for the system's intended function, they should be disabled or restricted as appropriate to the user's needs.
Check Content
Determine if X11 Forwarding is enabled. # grep "^X11Forwarding" /etc/ssh/sshd_config If the output of this command is not “X11Forwarding no”, this is a finding.
Fix Text
The root role is required. Modify the sshd_config file. # vi /etc/ssh/sshd_config Locate the line containing: X11Forwarding Change it to: X11Forwarding no Restart the SSH service. # svcadm restart svc:/network/ssh
Additional Identifiers
Rule ID: SV-233303r603289_rule
Vulnerability ID: V-233303
Group Title: SRG-OS-000480
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |