STIGQter: STIG Summary: Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 Mar 2021:

The Ubuntu operating system must use a file integrity tool to verify correct operation of all security functions.

DISA Rule

SV-238371r654288_rule

Vulnerability Number

V-238371

Group Title

SRG-OS-000445-GPOS-00199

Rule Version

UBTU-20-010450

Severity

CAT II

CCI(s)

• CCI-002696 - The information system verifies correct operation of organization-defined security functions.

Weight

10

Fix Recommendation

Install the AIDE package by running the following command:

$ sudo apt-get install aide

Check Contents

Verify that Advanced Intrusion Detection Environment (AIDE) is installed and verifies the correct operation of all security functions.

Check that the AIDE package is installed with the following command:

$ sudo dpkg -l | grep aide
ii aide 0.16.1-1build2 amd64 Advanced Intrusion Detection Environment - static binary

If AIDE is not installed, ask the System Administrator how file integrity checks are performed on the system.

If no application is installed to perform integrity checks, this is a finding.

Vulnerability Number

V-238371

Documentable

False

Rule Version

UBTU-20-010450

Severity Override Guidance

Verify that Advanced Intrusion Detection Environment (AIDE) is installed and verifies the correct operation of all security functions.

Check that the AIDE package is installed with the following command:

$ sudo dpkg -l | grep aide
ii aide 0.16.1-1build2 amd64 Advanced Intrusion Detection Environment - static binary

If AIDE is not installed, ask the System Administrator how file integrity checks are performed on the system.

If no application is installed to perform integrity checks, this is a finding.

Check Content Reference

M

Target Key

5318

Comments