UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The system package management tool must be used to verify system software periodically.


Overview

Finding ID Version Rule ID IA Controls Severity
V-22506 GEN006565 SV-35166r1_rule ECAT-1 Medium
Description
Verification using the system package management tool can be used to determine that system software has not been tampered with. This requirement is not applicable to systems that do not use package management tools.
STIG Date
HP-UX 11.23 Security Technical Implementation Guide 2012-05-25

Details

Check Text ( C-35018r1_chk )
Check the root crontab for a job invoking the system package management tool to verify the integrity of installed packages. If no such job exists, this is a finding.

An example using HP's command line tool suite to list/verify installed local machine software bundles is:
# swlist -l bundle
# Initializing...
# Contacting target "abc123"...
#
# Target: abc123:/
#
10GigEthr-00 B.11.31.0709 PCI-X 10 Gigabit Ethernet;Supptd

Then run swverify, at the end of the output look for status of Verification succeeded.
# swverify -v 10GigEthr-00
Fix Text (F-32107r1_fix)
Add a job to the root crontab invoking the system package management tool to verify the integrity of installed packages.