CCI-001496 requires using crypto mechanisms to protect the integrity of audit tools. AIDE and RPM provide mechanisms to do this.
Signed-off-by: Willy Santos <[email protected]> --- rhel6/src/input/system/software/integrity.xml | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/rhel6/src/input/system/software/integrity.xml b/rhel6/src/input/system/software/integrity.xml index 12d70fa..8752237 100644 --- a/rhel6/src/input/system/software/integrity.xml +++ b/rhel6/src/input/system/software/integrity.xml @@ -93,7 +93,7 @@ AIDE can be executed periodically through other means; this is merely one exampl By default, AIDE does not install itself for periodic execution. Periodically running AIDE may reveal unexpected changes in installed files. </rationale> -<ref nist="CM-6, SC-28, SI-7" disa="416,1166,1263"/> +<ref nist="CM-6, SC-28, SI-7" disa="416,1166,1263,1496"/> </Rule> <Rule id="aide_verify_integrity_manually"> @@ -173,7 +173,7 @@ by the RPM database. Executables with erroneous hashes could be a sign of nefari on the system.</rationale> <ident cce="TODO" /> <oval id="rpm_verify_hashes" /> -<ref nist="SI-7"/> +<ref nist="SI-7" disa="1496" /> </Rule> </Group> -- 1.7.7.6 _______________________________________________ scap-security-guide mailing list [email protected] https://fedorahosted.org/mailman/listinfo/scap-security-guide
