OL6-00-000148 - The operating system must employ automated mechanisms to facilitate the monitoring and control of remote access methods - PROCESS_CHECK

Information

Ensuring the 'auditd' service is active ensures audit records generated by the kernel can be written to disk, or that appropriate actions will be taken if other obstacles exist.

Solution

The 'auditd' service is an essential userspace component of the Linux Auditing System, as it is responsible for writing audit records to disk. The 'auditd' service can be enabled with the following commands:

# chkconfig auditd on
# service auditd start

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_6_V2R6_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-17(1), CAT|II, CCI|CCI-000067, Rule-ID|SV-208876r793661_rule, STIG-ID|OL6-00-000148, STIG-Legacy|SV-65239, STIG-Legacy|V-51033, Vuln-ID|V-208876

Plugin: Unix

Control ID: 31ac14adc182f48a20476aa3fb798679cd47f29f40f7a9557494ad47c1360c2c