STIGQter: STIG Summary: SUSE Linux Enterprise Server 15 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: SUSE Linux Enterprise Server 15 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021:SV-234864r622137_rule
V-234864
SRG-OS-000447-GPOS-00201
SLES-15-010570
CAT II
10
Configure the SUSE operating system to notify the SA when AIDE discovers anomalies in the operation of any security functions.
Create the aide crontab file in "/etc/cron.daily" and add following command replacing the "[E-MAIL]" parameter with a proper email address for the SA:
0 0 * * * /usr/sbin/aide --check | /bin/mail -s "aide integrity check run for <system name>" root@notareal.email
Verify the SUSE operating system notifies the SA when AIDE discovers anomalies in the operation of any security functions.
Check to see if the aide cron job sends an email when executed with the following command:
> grep -i "aide" /etc/cron.*/aide
0 0 * * * /usr/sbin/aide --check | /bin/mail -s "aide integrity check run for <system name>" root@notareal.email
If the "aide" file does not exist under the "/etc/cron" directory structure or the cron job is not configured to execute a binary to send an email (such as "/usr/bin/mail"), this is a finding.
V-234864
False
SLES-15-010570
Verify the SUSE operating system notifies the SA when AIDE discovers anomalies in the operation of any security functions.
Check to see if the aide cron job sends an email when executed with the following command:
> grep -i "aide" /etc/cron.*/aide
0 0 * * * /usr/sbin/aide --check | /bin/mail -s "aide integrity check run for <system name>" root@notareal.email
If the "aide" file does not exist under the "/etc/cron" directory structure or the cron job is not configured to execute a binary to send an email (such as "/usr/bin/mail"), this is a finding.
M
5274