STIGQter STIGQter: STIG Summary: APACHE 2.2 Server for UNIX Security Technical Implementation Guide Version: 1 Release: 11 Benchmark Date: 25 Jan 2019:

Monitoring software must include CGI or equivalent programs in its scope.

DISA Rule

SV-32927r2_rule

Vulnerability Number

V-2271

Group Title

WG440

Rule Version

WG440 A22

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Use a monitoring tool to monitor changes to the CGI or equivalent directory. This can be done with something as simple as a script or batch file that would identify a change in the file.

Check Contents

CGI or equivalent files must be monitored by a security tool that reports unauthorized changes. It is the purpose of such software to monitor key files for unauthorized changes to them. The reviewer should query the ISSO, the SA, and the web administrator and verify the information provided by asking to see the template file or configuration file of the software being used to accomplish this security task. Example file extensions for files considered to provide active content are, but not limited to, .cgi, .asp, .aspx, .class, .vb, .php, .pl, and .c.

If the site does not have a process in place to monitor changes to CGI program files, this is a finding.

Vulnerability Number

V-2271

Documentable

False

Rule Version

WG440 A22

Severity Override Guidance

CGI or equivalent files must be monitored by a security tool that reports unauthorized changes. It is the purpose of such software to monitor key files for unauthorized changes to them. The reviewer should query the ISSO, the SA, and the web administrator and verify the information provided by asking to see the template file or configuration file of the software being used to accomplish this security task. Example file extensions for files considered to provide active content are, but not limited to, .cgi, .asp, .aspx, .class, .vb, .php, .pl, and .c.

If the site does not have a process in place to monitor changes to CGI program files, this is a finding.

Check Content Reference

M

Responsibility

Web Administrator

Target Key

158

Comments