Enable Logging of All FTP Transactions
An XCCDF Rule
Description
Add or correct the following configuration options within the vsftpd configuration file, located at /etc/vsftpd/vsftpd.conf:
xferlog_enable=YES
xferlog_std_format=NO
log_ftp_protocol=YES
Warning
If verbose logging to vsftpd.log is done, sparse logging of downloads to /var/log/xferlog will not also occur. However, the information about what files were downloaded is included in the information logged to vsftpd.log.
Rationale
To trace malicious activity facilitated by the FTP service, it must be configured to ensure that all commands sent to the FTP server are logged using the verbose vsftpd log format. The default vsftpd log file is /var/log/vsftpd.log.
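One way to audit a configuration file against the three options in the Description, as an added example that is not part of the SSG content or its OVAL check. The function name, the sample file contents and the strict handling are assumptions of this example: an option must be set explicitly, with no spaces around "=", and the last occurrence of an option is taken as the effective one.

```python
"""Audit vsftpd.conf text for the logging options this rule requires."""

REQUIRED = {
    "xferlog_enable": "YES",
    "xferlog_std_format": "NO",
    "log_ftp_protocol": "YES",
}

# Boolean spellings vsftpd accepts, matched case-insensitively.
BOOL_ALIASES = {"YES": "YES", "TRUE": "YES", "1": "YES",
                "NO": "NO", "FALSE": "NO", "0": "NO"}


def audit_vsftpd_logging(conf_text):
    """Return {option: problem} for each required option that is missing or wrong."""
    effective = {}
    for line in conf_text.splitlines():
        if not line or line.startswith("#"):
            continue  # blank line or comment
        key, sep, value = line.partition("=")
        # Strict match (assumption): "key = value" with spaces does not count.
        if sep and key in REQUIRED:
            effective[key] = value  # assumption: a later line replaces an earlier one
    findings = {}
    for key, want in REQUIRED.items():
        if key not in effective:
            findings[key] = "not set"
        elif BOOL_ALIASES.get(effective[key].upper()) != want:
            findings[key] = f"set to {effective[key]!r}, expected {want}"
    return findings


# Constructed sample, not taken from a real system.
SAMPLE_CONF = """\
# constructed vsftpd.conf fragment
anonymous_enable=NO
xferlog_enable=YES
xferlog_std_format=YES
#log_ftp_protocol=YES
"""

if __name__ == "__main__":
    for option, problem in audit_vsftpd_logging(SAMPLE_CONF).items():
        print(f"FAIL {option}: {problem}")
```

On a host, pass the contents of /etc/vsftpd/vsftpd.conf to audit_vsftpd_logging(); an empty result means all three options are set as the rule requires.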
- ID: xccdf_org.ssgproject.content_rule_ftp_log_transactions
- Severity: Unknown
- References
- Updated