STIGQter: STIG Summary: Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 Mar 2021:

The Ubuntu operating system must notify designated personnel if baseline configurations are changed in an unauthorized manner. The file integrity tool must notify the System Administrator when changes to the baseline configuration or anomalies in the operation of any security functions are discovered.

DISA Rule

SV-238372r654318_rule

Vulnerability Number

V-238372

Group Title

SRG-OS-000447-GPOS-00201

Rule Version

UBTU-20-010451

Severity

CAT II

CCI(s)

• CCI-002702 - The information system shuts the information system down, restarts the information system, and/or initiates organization-defined alternative action(s) when anomalies in the operation of the organization-defined security functions are discovered.

Weight

10

Fix Recommendation

Configure the Ubuntu operating system to notify designated personnel if baseline configurations are changed in an unauthorized manner.

Modify the "SILENTREPORTS" parameter in the "/etc/default/aide" file with a value of "no" if it does not already exist.

Check Contents

Verify that Advanced Intrusion Detection Environment (AIDE) notifies the System Administrator
when anomalies in the operation of any security functions are discovered with the following command:

$ sudo grep SILENTREPORTS /etc/default/aide

SILENTREPORTS=no

If SILENTREPORTS is uncommented and set to "yes", this is a finding.

Vulnerability Number

V-238372

Documentable

False

Rule Version

UBTU-20-010451

Severity Override Guidance

Verify that Advanced Intrusion Detection Environment (AIDE) notifies the System Administrator
when anomalies in the operation of any security functions are discovered with the following command:

$ sudo grep SILENTREPORTS /etc/default/aide

SILENTREPORTS=no

If SILENTREPORTS is uncommented and set to "yes", this is a finding.

Check Content Reference

M

Target Key

5318

Comments