SLEM-05-653065 - SLEM 5 audit event multiplexor must be configured to use Kerberos.

Information

Information stored in one location is vulnerable to accidental or incidental deletion or alteration.

Allowing devices and users to connect to or from the system without first authenticating them allows untrusted access and can lead to a compromise or attack. Audit events that may include sensitive data must be encrypted prior to transmission. Kerberos provides a mechanism to provide both authentication and encryption for audit event records.

Solution

Configure SLEM 5 audit event multiplexor to use Kerberos.

Add or modify the following line in the "/etc/audisp/audisp-remote.conf" file:

enable_krb5 = yes

Item Details

Audit Name: DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4

Category: AUDIT AND ACCOUNTABILITY

Plugin: Unix

Control ID: 0e630c206aa897b155769ae06d335c527376f8291a82c9ffbf3e90a1f16d024e

Detections

Analytics

SLEM-05-653065 - SLEM 5 audit event multiplexor must be configured to use Kerberos.

Information

Solution

See Also

Item Details