From: Leland Steinke <[email protected]>

- Assign rule a severity
- Create OCIL text
- Update CCI mappings
Signed-off-by: Leland Steinke <[email protected]> --- RHEL/6/input/system/software/integrity.xml | 8 ++++++-- 1 files changed, 6 insertions(+), 2 deletions(-) diff --git a/RHEL/6/input/system/software/integrity.xml b/RHEL/6/input/system/software/integrity.xml index 943140d..73a0629 100644 --- a/RHEL/6/input/system/software/integrity.xml +++ b/RHEL/6/input/system/software/integrity.xml @@ -64,7 +64,7 @@ of AIDE, because it changes binaries. <ref nist="CM-6(d),SC-28, SI-7" /> </Rule> -<Rule id="aide_build_database"> +<Rule id="aide_build_database" severity="medium"> <title>Build and Test AIDE Database</title> <description>Run the following command to generate a new database: <pre># /usr/sbin/aide --init</pre> @@ -77,12 +77,16 @@ To initiate a manual check, run the following command: <pre># /usr/sbin/aide --check</pre> If this check produces any unexpected output, investigate. </description> +<ocil clause="there is no database file"> +To find the location of the AIDE databse file, run the following command: +<pre># ls -l <i>DBDIR</i>/<i>databse_file_name</i></pre> +</ocil> <rationale> For AIDE to be effective, an initial database of "known-good" information about files must be captured and it should be able to be verified against the installed files. </rationale> <ident cce="27135-3" /> -<ref nist="CM-3(d),CM-3(e),CM-6(d),SC-28,SI-7" /> +<ref nist="CM-3(d),CM-3(e),CM-6(d),SC-28,SI-7" disa="374,416,1069,1263,1297,1589" /> </Rule> <Rule id="aide_periodic_cron_checking" severity="medium"> -- 1.7.1 -- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
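Review bot: In the second hunk (@@ -77,12 +77,16 @@), the added <ocil> text misspells "database" twice, once in the sentence ("AIDE databse file") and once in the placeholder ("<i>databse_file_name</i>"); both should be corrected before this is merged, since the placeholder is what an auditor will read as the thing to substitute. The sentence also promises to "find the location" of the database, but the command `ls -l DBDIR/database_file_name` only works once DBDIR and the file name are already known, so the text should say where those two values come from (the AIDE configuration file) before giving the ls command. Finally, the clause "there is no database file" only covers the build half of a rule titled "Build and Test AIDE Database"; consider stating what ls output counts as a failure and whether the `/usr/sbin/aide --check` step from the description should be part of the check as well.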
