STIGQter STIGQter: STIG Summary: VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The SLES for vRealize must implement cryptographic mechanisms to prevent unauthorized disclosure of information and/or detect changes to information during transmission unless otherwise protected by alternative physical safeguards, such as, at a minimum, a Protected Distribution System (PDS).

DISA Rule

SV-99347r1_rule

Vulnerability Number

V-88697

Group Title

SRG-OS-000424-GPOS-00188

Rule Version

VROM-SL-001290

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Edit the SSH daemon configuration and remove any MACs other than "hmac-sha1". If necessary, add a "MACs" line.

# sed -i "/^[^#]*MACs/ c\MACs hmac-sha1" /etc/ssh/sshd_config

Check Contents

Check the SSH daemon configuration for allowed MACs:

# grep -i macs /etc/ssh/sshd_config | grep -v '^#'

If no lines are returned, or the returned MACs list contains any MAC other than "hmac-sha1", this is a finding.

Vulnerability Number

V-88697

Documentable

False

Rule Version

VROM-SL-001290

Severity Override Guidance

Check the SSH daemon configuration for allowed MACs:

# grep -i macs /etc/ssh/sshd_config | grep -v '^#'

If no lines are returned, or the returned MACs list contains any MAC other than "hmac-sha1", this is a finding.

Check Content Reference

M

Target Key

3461

Comments