STIGQter: STIG Summary: McAfee VSEL 1.9/2.0 Local Client Security Technical Implementation Guide Version: 1 Release: 6 Benchmark Date: 24 Apr 2020: STIGQter: STIG Summary: McAfee VSEL 1.9/2.0 Local Client Security Technical Implementation Guide Version: 1 Release: 6 Benchmark Date: 24 Apr 2020:SV-77561r1_rule
V-63071
SRG-APP-000276
DTAVSEL-001
CAT I
10
From a desktop browser window, connect to the McAfee VirusScan Enterprise for Linux (VSEL) Monitor (WEB interface) of the Linux system being reviewed and logon with the nails user account.
In the VSEL WEB Monitor, under "Schedule", select "Product Update".
Under "When to update", select the "Immediately" radio button, and click on "Next".
Under "Choose what to update", select "Virus definition files (also known as DAT files)", click on "Next".
Under "Enter a task name", type a unique name for this task, and click on "Finish".
Re-validate anti-virus signature file age.
To run the Update task manually without the Web interface, access the Linux system being review, either at the console or by a SSH connection.
Add a task to /etc/crontab to run the nails updater.
At the command line, enter the command "/opt/NAI/LinuxShield/bin/nails task -l".
After the task runs, a (Completed) response will be returned.
From a desktop browser window, connect to the McAfee VirusScan Enterprise for Linux (VSEL) Monitor (WEB interface) of the Linux system being reviewed and logon with the nails user account.
In the VSEL WEB Monitor, under "View", select "Host Summary".
In the "Host Summary", verify the "DAT Date:" is within the last 7 days.
If the "DAT Date:" is not within the last 7 days, this is a finding.
To validate without the Web interface, access the Linux system being reviewed, either at the console or by a SSH connection.
At the command line, enter the command "ls -lt /opt/NAI/LinuxShield/engine/dat".
The command will return a listing of the avvclean.dat, avvnames.dat and avvscan.dat files. If their respective file dates are not within the last 7 days, this is a finding.
V-63071
False
DTAVSEL-001
From a desktop browser window, connect to the McAfee VirusScan Enterprise for Linux (VSEL) Monitor (WEB interface) of the Linux system being reviewed and logon with the nails user account.
In the VSEL WEB Monitor, under "View", select "Host Summary".
In the "Host Summary", verify the "DAT Date:" is within the last 7 days.
If the "DAT Date:" is not within the last 7 days, this is a finding.
To validate without the Web interface, access the Linux system being reviewed, either at the console or by a SSH connection.
At the command line, enter the command "ls -lt /opt/NAI/LinuxShield/engine/dat".
The command will return a listing of the avvclean.dat, avvnames.dat and avvscan.dat files. If their respective file dates are not within the last 7 days, this is a finding.
M
2941