UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

A file integrity tool must be used at least weekly to check for unauthorized file changes, particularly the addition of unauthorized system libraries or binaries, or for unauthorized modification to authorized system libraries or binaries.


Overview

Finding ID Version Rule ID IA Controls Severity
GEN000220-ESXI5-000064 GEN000220-ESXI5-000064 GEN000220-ESXI5-000064_rule Medium
Description
Changes in system libraries and binaries can indicate compromise or significant system events, such as patching needing to be checked by automated processes and the results reviewed by the SA.
STIG Date
VMware ESXi v5 Security Technical Implementation Guide 2013-01-15

Details

Check Text ( C-GEN000220-ESXI5-000064_chk )
Ask the SA if a weekly, cryptographically hashed file integrity baseline is created and maintained via cron. If no file integrity baseline is created on a weekly basis for the system, this is a finding.
Fix Text (F-GEN000220-ESXI5-000064_fix)
From the Power/v CLI, run the command:

# vicfg-cfgbackup

Use this file (hash) as a basis for system integrity checking.
Generate a new where/as required due to system updates. The time between backup file generation must not exceed the 1 week maximum and may be performed as often as required per an organization-defined frequency. To automate this process on the Windows machine where the Power/v CLI is located : Create a batch file. Next create a basic Windows schedule: select "Run Program" and in the "Action" step record the path and name of the batch file.