Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-78679 | TANS-SV-000016 | SV-93385r2_rule | Medium |
Description |
---|
Typically, the Tanium Server stores the Package Source Files that it downloads from the Internet and server shares or files uploaded through the Tanium Console in a subdirectory of the server's installation directory called Downloads. To ensure package files are not accessible to non-authorized functions, the files must be re-located to outside of the server's installation directory. |
STIG | Date |
---|---|
Tanium 7.0 Security Technical Implementation Guide | 2018-07-09 |
Check Text ( C-78249r2_chk ) |
---|
Access the Tanium Server interactively. Log on with an account with administrative privileges to the server. Run regedit as Administrator. Navigate to HKEY_LOCAL_MACHINE >> SOFTWARE >> Wow6432Node >> Tanium >> Tanium Server. Validate the "DownloadPath" REG_SZ value points to a location off of the Tanium Server directory. If the "DownloadPath" REG_SZ value does not point to a location off of the Tanium Server directory, this is a finding. |
Fix Text (F-85415r2_fix) |
---|
Access the Tanium Server interactively. Log on with an account with administrative privileges to the server. Configure a directory off of the Tanium server to relocate the installation package files. Run regedit as Administrator. Navigate to HKEY_LOCAL_MACHINE >> SOFTWARE >> Wow6432Node >> Tanium >> Tanium Server. Change the "DownloadPath" REG_SZ value to point to the location of the relocated installation package files. Move the files from the original directory to the location created for the installation package files. |