Navigate

Check: GEN000440

VMware ESX 3 Server: GEN000440 (in version v1 r2)

Title

Successful and unsuccessful logins and logouts must be logged. (Cat II impact)

Discussion

Monitoring and recording successful and unsuccessful logins assists in tracking unauthorized access to the system. Without this logging, the ability to track unauthorized activity to specific user accounts may be diminished.

Check Content

Check the system logs for successful and unsuccessful logins. If these events are not present in the logs, this is a finding.

Fix Text

Verify the login logs are handled correctly in the /etc/syslog.conf file. Verify the service startup scripts for syslog and utmp (if present) are enabled.

Additional Identifiers

Rule ID: SV-765r2_rule

Vulnerability ID: V-27079

Group Title: GEN000440

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-001668	The organization employs malicious code protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and eradicate malicious code transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means or inserted through the exploitation of information system vulnerabilities.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
No controls are assigned to this check