1.3.5 Ensure AIDE is configured to use FIPS 140-2 - installed
The operating system must use a file integrity tool that is configured to use FIPS 140-2 approved cryptographic hashes for validating file contents and directories.

Rationale: File integrity tools use cryptographic hashes to verify that file contents and directories have not been altered. These hashes must be FIPS 140-2 approved cryptographic hashes.
Configure the file integrity tool to use FIPS 140-2 cryptographic hashes for validating file and directory contents. If AIDE is installed, ensure the sha512 rule is present on all uncommented file and directory selection lists.

Example:

    vim /etc/aide.conf

Add a rule that includes sha512, for example:

    All=p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux
    /bin All # apply the custom rule to the files in bin
    /sbin All # apply the same custom rule to the files in sbin
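One way to audit the remediation above, as an added example that is not part of the benchmark: it resolves each uncommented selection line's rule and reports the ones whose effective attribute set lacks sha512. The function names and the sample configuration are constructed for illustration, and it assumes a simplified aide.conf syntax in which any group not defined in the file itself (including AIDE's predefined groups) is not credited with sha512.

```python
import re

def expand(expr, groups):
    """Resolve an attribute expression such as 'All-sha512+md5' to a set of attributes."""
    attrs = set()
    for sign, name in re.findall(r'([+-]?)\s*([^+\-\s]+)', expr):
        sub = groups.get(name, {name})   # unknown names count as plain attributes
        attrs = attrs - sub if sign == '-' else attrs | sub
    return attrs

def missing_sha512(conf_text):
    """Return [(line_number, path)] for selection lines whose rule lacks sha512."""
    groups, findings = {}, []
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.split('#', 1)[0].strip()           # drop comments
        if not line or line.startswith(('@@', '!')):  # macros and exclusions carry no rule
            continue
        if line[0] in '/=':                           # regular or "equals" selection line
            parts = line.split()
            rule = parts[-1] if len(parts) > 1 else ''
            if 'sha512' not in expand(rule, groups):
                findings.append((lineno, parts[0]))
            continue
        definition = re.match(r'([\w-]+)\s*=\s*(.+)', line)
        if definition:                                # group definition (or a config option)
            groups[definition.group(1)] = expand(definition.group(2), groups)
    return findings

# Constructed sample configuration, not taken from a real system.
SAMPLE = """\
@@define DBDIR /var/lib/aide
database=file:@@{DBDIR}/aide.db.gz
All = p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux
PERMS = p+u+g+acl+selinux
Weak = All-sha512+md5
/bin All        # compliant
/sbin All
/etc PERMS      # no hash at all
/usr/lib Weak   # sha512 subtracted, md5 added
!/var/log/.*
#/opt PERMS
"""

if __name__ == '__main__':
    for lineno, path in missing_sha512(SAMPLE):
        print(f"line {lineno}: {path} is not covered by sha512")
```

On a host, pass the contents of /etc/aide.conf to `missing_sha512`; an empty result means every uncommented selection line resolves to a rule containing sha512.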