On 7/5/12 4:52 PM, Willy Santos wrote:
CCI-001263 requires providing a near real-time alert when any of the
org-defined list of potential compromise indicators occur. AIDE can be used for
this purpose.
Signed-off-by: Willy Santos <[email protected]>
---
rhel6/src/input/system/software/integrity.xml | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/rhel6/src/input/system/software/integrity.xml
b/rhel6/src/input/system/software/integrity.xml
index e882032..12d70fa 100644
--- a/rhel6/src/input/system/software/integrity.xml
+++ b/rhel6/src/input/system/software/integrity.xml
@@ -93,7 +93,7 @@ AIDE can be executed periodically through other means; this
is merely one exampl
By default, AIDE does not install itself for periodic execution. Periodically
running AIDE may reveal unexpected changes in installed files.
</rationale>
-<ref nist="CM-6, SC-28, SI-7" disa="416,1166"/>
+<ref nist="CM-6, SC-28, SI-7" disa="416,1166,1263"/>
</Rule>
<Rule id="aide_verify_integrity_manually">
I'd map this back to the auditing section too.
_______________________________________________
scap-security-guide mailing list
[email protected]
https://fedorahosted.org/mailman/listinfo/scap-security-guide
