STIGQter: STIG Summary: Apache Tomcat Application Sever 9 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021

Connector address attribute must be set.

DISA Rule

SV-223009r615938_rule

Vulnerability Number

V-223009

Group Title

SRG-APP-000516-AS-000237

Rule Version

TCAT-AS-001730

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Ensure the address attribute for each connector and the network interfaces are specified in the SSP.

Edit the following file on the Tomcat server as a privileged user:

$CATALINA_BASE/conf/server.xml

Locate each Connector element then edit or add the "address=" field for each connector and specify the appropriate network IP address. The following is an example using a random IP address:

EXAMPLE:
<Connector
port="8443"
address="192.168.0.145"
...
/>

Restart the Tomcat server:
sudo systemctl restart tomcat
sudo systemctl daemon-reload

Check Contents

Review SSP documentation for list of approved connectors and associated TCP/IP ports and interfaces.

Verify the address attribute is specified for each connector and is set to the network interface specified in the SSP.

Execute the following command to find configured Connectors:

sudo grep -i -B1 -A5 connector $CATALINA_BASE/conf/server.xml

Review results and examine the "address=" field for each connector.

If the connector address attribute is not specified as per the SSP, this is a finding.
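
The check above, as an added example that is not part of the STIG or of Tomcat: the grep command also matches commented-out connectors, so this Python version parses server.xml and evaluates only active Connector elements against the SSP. The function name `check_connectors`, the `SSP_APPROVED` set and the sample XML are constructed for illustration; it assumes literal attribute values (no `${...}` property substitution).

```python
import xml.etree.ElementTree as ET

# Constructed sample server.xml (not from a real system). The commented-out
# connector would be matched by grep but is not active configuration.
SAMPLE_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8443" address="192.168.0.145"
               protocol="org.apache.coyote.http11.Http11NioProtocol"
               SSLEnabled="true" />
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />
    <!-- <Connector port="8009" protocol="AJP/1.3" address="0.0.0.0" /> -->
    <Connector port="8081" address="10.0.0.5" protocol="HTTP/1.1" />
    <Engine name="Catalina" defaultHost="localhost" />
  </Service>
</Server>
"""

# Hypothetical SSP entry: approved (port, address) pairs for this server.
SSP_APPROVED = {("8443", "192.168.0.145"), ("8080", "192.168.0.145")}


def check_connectors(server_xml_text, approved):
    """Return (port, address, reason) findings for active Connector elements."""
    findings = []
    root = ET.fromstring(server_xml_text)
    # iter() walks parsed elements only; the default parser drops XML comments.
    for conn in root.iter("Connector"):
        port = conn.get("port", "")
        address = (conn.get("address") or "").strip()
        if not address:
            # Without address=, Tomcat listens on all configured interfaces.
            findings.append((port, None, "address attribute not set"))
        elif (port, address) not in approved:
            findings.append((port, address, "address/port not in SSP"))
    return findings


if __name__ == "__main__":
    # To check a real server, pass the text of $CATALINA_BASE/conf/server.xml.
    for port, address, reason in check_connectors(SAMPLE_SERVER_XML, SSP_APPROVED):
        print(f"FINDING port={port} address={address}: {reason}")
```
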

Documentable

False

Check Content Reference

M

Target Key

4094
