Title

The operating system must employ cryptographic mechanisms to recognize changes to information during transmission unless otherwise protected by alternative physical measures. (Cat II impact)

Discussion

Ensuring that transmitted information is not altered during transmission requires the operating system take feasible measures to employ transmission layer security. This requirement applies to communications across internal and external networks.

Check Content

All remote sessions must be conducted via encrypted services and ports. Check that SSH is enabled: # svcs svc:/network/ssh STATE STIME FMRI online Nov_03 svc:/network/ssh:default Ask the operator to document all configured external ports and protocols. If any unencrypted connections are used, this is a finding.

Fix Text

Configure SSH to be enabled. # svcadm enable svc:/network/ssh

Additional Identifiers

Rule ID: SV-219977r947206_rule

Vulnerability ID: V-219977

Group Title: SRG-OS-000424

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.