>From 331dfd8c3eb9a73997a2b3459651ac54cc9496ae Mon Sep 17 00:00:00 2001 From: Shawn Wells <[email protected]> Date: Mon, 14 Apr 2014 22:21:57 -0400 Subject: [PATCH 21/26] Adding rsyslog_nolisten mapping
--- RHEL/6/input/profiles/C2S.xml | 7 ++++--- 1 files changed, 4 insertions(+), 3 deletions(-) diff --git a/RHEL/6/input/profiles/C2S.xml b/RHEL/6/input/profiles/C2S.xml index c06ebd4..07968a1 100644 --- a/RHEL/6/input/profiles/C2S.xml +++ b/RHEL/6/input/profiles/C2S.xml @@ -357,14 +357,15 @@ Patches would be most welcome! <!-- NEEDS RULE. LOW PRIORITY SINCE NOT SCORED --> <!-- 4.5.3 Verify Permissions on /etc/hosts.allow (Scored) --> -<!-- NEEDS RULE. LOW PRIORITY SINCE NOT SCORED --> +<!-- This rule is met through RPM Verify, will add mappings later --> <!-- 4.5.4 Create /etc/hosts.deny (Not Scored) --> <!-- NEEDS RULE. LOW PRIORITY SINCE NOT SCORED --> <!-- 4.5.5 Verify Permissions on /etc/hosts.deny (Scored)--> -<!-- NEEDS RULE. LOW PRIORITY SINCE NOT SCORED --> +<!-- This rule is met through RPM Verify, will add mappings later --> +<!-- NEEDS RULE. LOW PRIORITY SINCE NOT SCORED --> <!-- 4.6 Uncommon Network Protocols--> <!-- 4.6.1 Disable DCCP (Not Scored) --> <select idref="kernel_module_dccp_disabled" selected="true"/> @@ -393,7 +394,7 @@ Patches would be most welcome! <select idref="service_rsyslog_enabled" selected="true"/> <!-- 5.1.3 Configure /etc/rsyslog.conf (Not Scored) --> -<!-- NEEDS RULE --> +<select idref="rsyslog_nolisten" selected="true" /> <!-- 5.1.4 Create and Set Permissions on rsyslog Log Files (Scored)--> <select idref="rsyslog_file_permissions" selected="true"/> -- 1.7.1
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
