WG440 A22 - Monitoring software must include CGI or equivalent programs in its scope.

Information

By their very nature, CGI type files permit the anonymous web user to interact with data and perhaps store data on the web server. In many cases, CGI scripts exercise system-level control over the server's resources. These files make appealing targets for the malicious user. If these files can be modified or exploited, the web server can be compromised. These files must be monitored by a security tool that reports unauthorized changes to these files.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Use a monitoring tool to monitor changes to the CGI or equivalent directory. This can be done with something as simple as a script or batch file that would identify a change in the file.

See Also

https://iasecontent.disa.mil/stigs/zip/U_Apache_2-2_UNIX_V1R11_STIG.zip

Item Details

References: CAT|II, Rule-ID|SV-32927r2_rule, STIG-ID|WG440_A22, Vuln-ID|V-2271

Plugin: Unix

Control ID: a8e30ae1838b302404456722372c61b5706e9b8c26ef31ab2b235f9535c50e58