Found something from Google (partial summaries preceded by * on the lines below) : a) * I've run /etc/security/bsmconv & it appeared to have completed * successfully but after rerunning the scan, it still flag the alerts * below : Negative: 5.8 BSM should at least be auditing all "old administrative (meta-class)" (ad) events on flags line. Negative: 5.8 BSM should at least be auditing all "exec" (ex) events on flags line. Negative: 5.8 BSM should at least be auditing all "file attribute modify" (fm) events on flags line. Negative: 5.8 BSM should at least be auditing all "login or logout" (lo) events on flags line. Negative: 5.8 BSM should at least be auditing all "process (meta-class)" (pc) events on flags line. Negative: 5.8 BSM should at least be auditing all "old administrative (meta-class)" (ad) events on naflags line. Negative: 5.8 BSM should at least be auditing all "exec" (ex) events on naflags line. b) * in /etc/default/inetd, ENABLE_CONNECTION_LOGGING=YES * but the scan still flag the alert below Negative: 5.1 inetd's connection logging is not active. c) * fixed. Uncomment the last line in /var/spool/cron/crontabs/sys * which has "sa2" in it Negative: 5.7 No sa2 line in /var/spool/cron/crontabs/sys -- no system accounting. d) * still no idea Negative: 6.8 Fix-modes has not been run here. _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Fri Apr 11 05:37:25 2008
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:44:10 EST