Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-4287 | GEN000000-AIX00060 | SV-4287r2_rule | DCSL-1 | Medium |
Description |
---|
If a baseline of files with the TCB bit set is not kept and checked weekly, the system could be compromised without the knowledge of any authority. |
STIG | Date |
---|---|
AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE | 2018-09-18 |
Check Text ( C-2449r3_chk ) |
---|
Perform the following command with no parameters to ensure the system is in trusted mode. # /bin/tcbck If TCB is not installed, the output will show an error code of 3001-101 and/or a text message indicating TCB is not installed. If the output from the command indicates it is not in trusted mode, this is not reviewed. Otherwise, check the root crontab to verify tcbck is executed weekly. If it is not in the crontab, ask the SA if the check is run manually and to see the results of the check. |
Fix Text (F-4198r2_fix) |
---|
Add tcbck command as a weekly cronjob with the output sent to the SA. |