IBM WebSphere Traditional V9.x Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The WebSphere Application Server wsadmin file must be protected from unauthorized modification.
Protecting log data also includes identifying and protecting the tools used to view and manipulate log data. Depending upon the log format and application, system and application log tools may pr...Rule Medium Severity -
SRG-APP-000123-AS-000083
Group -
The WebSphere Application Server wsadmin file must be protected from unauthorized deletion.
Protecting log data also includes identifying and protecting the tools used to view and manipulate log data. Depending upon the log format and application, system and application log tools may pr...Rule Medium Severity -
SRG-APP-000126-AS-000085
Group -
The WebSphere Application Server must be configured to encrypt log information.
Protection of log records is of critical importance. Encrypting log records provides a level of protection that does not rely on host-based protections that can be accidentally misconfigured, such ...Rule Medium Severity -
SRG-APP-000126-AS-000085
Group -
SRG-APP-000141-AS-000095
Group -
SRG-APP-000141-AS-000095
Group -
The WebSphere Application Server files must be owned by the non-root WebSphere user ID.
Having files owned by the root or administrator user is an indication that the WebSphere processes are being run with escalated privileges. Running as root/admin user gives attackers elevated privi...Rule Medium Severity -
SRG-APP-000141-AS-000095
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.