GEN006565 - The system package management tool must be used to verify system software periodically.

Information

Verification using the system package management tool can be used to determine that system software has not been tampered with.

This requirement is not applicable to systems not using package management tools.

Solution

Add a cron job to run a package verification command, such as, pkgchk -n.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SOL_10_x86_V2R4_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

References: 800-53|CM-6b., 800-53|SA-10(1), CAT|II, CCI|CCI-000366, CCI|CCI-000698, Rule-ID|SV-220116r603266_rule, STIG-ID|GEN006565, STIG-Legacy|SV-26857, STIG-Legacy|V-22506, Vuln-ID|V-220116

Plugin: Unix

Control ID: bf654b2b5e366d27bda7b605a8df496042e09e79d9a141d0cc636829347f864e