STIGQter: STIG Summary: Solaris 10 SPARC Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents.

DISA Rule

SV-227047r603265_rule

Vulnerability Number

V-227047

Group Title

SRG-OS-000278

Rule Version

GEN006575

Severity

CAT III

CCI(s)

• CCI-001496 - The information system implements cryptographic mechanisms to protect the integrity of audit tools.

Weight

10

Fix Recommendation

If using AIDE, edit the configuration and add the sha256 or sha512 option for all monitored files and directories.

If using a different file integrity tool, configure FIPS 140-2 approved cryptographic hashes per the tool's documentation.

Check Contents

If using AIDE, verify the configuration contains the sha256 or sha512 options for all monitored files and directories. Here is an example AIDE configuration fragment.

SampleRule = p+i+l+n+u+g+s+m+c+acl+xattrs+sha256
/bin SampleRule

If either the sha256 or sha512 option is not present, this is a finding.

If using a different file integrity tool, check the configuration per tool documentation.

Vulnerability Number

V-227047

Documentable

False

Rule Version

GEN006575

Severity Override Guidance

If using AIDE, verify the configuration contains the sha256 or sha512 options for all monitored files and directories. Here is an example AIDE configuration fragment.

SampleRule = p+i+l+n+u+g+s+m+c+acl+xattrs+sha256
/bin SampleRule

If either the sha256 or sha512 option is not present, this is a finding.

If using a different file integrity tool, check the configuration per tool documentation.

Check Content Reference

M

Target Key

4060

Comments