Installation guide
Chapter 3. Requirements Protogate Freeway Requirements Specification (SRS)
Notes If the system is not configured to audit certain activities and write them to an audit log, it is
more difficult to detect and track system compromises and damages incurred during a system
compromise.
3.8.18. GEN002820 - Audit Discretionary Access Control Permission
Modifications
Summary The audit system must be configured to audit all discretionary access control permission
modifications.
Notes If the system is not configured to audit certain activities and write them to an audit log, it is
more difficult to detect and track system compromises and damages incurred during a system
compromise.
3.8.19. GEN002860 - Audit Logs Rotation
Summary Audit logs must be rotated daily.
Notes Rotate audit logs daily to preserve audit file system space and to conform to the DoD/DISA
requirement. If it is not rotated daily and moved to another location, then there is more of a
chance for the compromise of audit data by malicious users.
3.8.20. GEN003820 - Remote Login or Shell is Enabled
Summary The rsh daemon must not be running.
Notes The rshd process provides a typically unencrypted, host-authenticated remote access service.
SSH should be used in place of this service.
3.8.21. GEN003840 - The rexec Service is Enabled
Summary The rexec daemon must not be running.
Notes The rexecd process provides a typically unencrypted, host-authenticated remote access
service. SSH should be used in place of this service.
18 Protogate DC-900-2021A