GEN006565 - The system package management tool must be used to verify system software periodically

Information

Verification using the system package management tool can be used to determine that system software has not been tampered with. This requirement is not applicable to systems that do not use package management tools.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Add a job to the root crontab invoking the system package management tool to verify the integrity of installed packages.

See Also

https://iasecontent.disa.mil/stigs/zip/U_HPUX_11-31_V1R19_STIG.zip

Item Details

References: CAT|II, CCI|CCI-000366, CCI|CCI-000698, Rule-ID|SV-35166r1_rule, STIG-ID|GEN006565, Vuln-ID|V-22506

Plugin: Unix

Control ID: d6c22069d36f8fea9e2a86fabf85d4fb82fcec76e46a8056d36bda649ef93da1