Check: SOL-11.1-040310
Solaris 11 SPARC STIG:
SOL-11.1-040310
(in versions v2 r10 through v1 r10)
Title
Login services for serial ports must be disabled. (Cat II impact)
Discussion
Login services should not be enabled on any serial ports that are not strictly required to support the mission of the system. This action can be safely performed even when console access is provided using a serial port.
Check Content
Determine if terminal login services are disabled. # svcs -Ho state svc:/system/console-login:terma # svcs -Ho state svc:/system/console-login:termb If the system/console-login services are not "disabled", this is a finding.
Fix Text
The Service Operator profile is required. Disable serial terminal services. # pfexec svcadm disable svc:/system/console-login:terma # pfexec svcadm disable svc:/system/console-login:termb
Additional Identifiers
Rule ID: SV-216347r603267_rule
Vulnerability ID: V-216347
Group Title: SRG-OS-000480
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |