GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents.

Information

File integrity tools often use cryptographic hashes for verifying that file contents have not been altered. These hashes must be FIPS 140-2 approved.

Solution

If using AIDE, edit the configuration and add the 'sha512' option for all monitored files and directories.

If using a different file integrity tool, configure FIPS 140-2 approved cryptographic hashes per the tool's documentation.

See Also

http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-7, CAT|III, CCI|CCI-001297, Group-ID|V-22509, Rule-ID|SV-37754r1_rule, STIG-ID|GEN006575, Vuln-ID|V-22509

Plugin: Unix

Control ID: b61b12c040210c2d7e4c060513c5b15cdaf729804befda90b09751734eb659de