GEN002260 - The system must be checked for extraneous device files at least weekly.

Information

If an unauthorized device is allowed to exist on the system, there is the possibility the system may perform unauthorized operations.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Establish a weekly automated or manual process to create a list of device files on the system and determine if any files have been added, moved, or deleted since the last list was generated.

A list of device files can be generated with this command:

# find / -type b -o -type c > device-file-list

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_5_V2R1_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-3f., 800-53|CM-6b., CAT|III, CCI|CCI-000318, CCI|CCI-000366, Rule-ID|SV-218357r603259_rule, STIG-ID|GEN002260, STIG-Legacy|SV-63209, STIG-Legacy|V-923, Vuln-ID|V-218357

Plugin: Unix

Control ID: ee82196a8311c87ffa5f39ef6d56ec894f8f0afe3172bfeea976cb852f9c5396