GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents.

Information

File integrity tools often use cryptographic hashes for verifying that file contents have not been altered. These hashes must be FIPS 140-2 approved.

Solution

If using AIDE, edit the configuration and add the 'sha512' option for all monitored files and directories.

If using a different file integrity tool, configure FIPS 140-2 approved cryptographic hashes per the tool's documentation.

Item Details

Audit Name: DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit

Category: SYSTEM AND INFORMATION INTEGRITY

Plugin: Unix

Control ID: b61b12c040210c2d7e4c060513c5b15cdaf729804befda90b09751734eb659de

Detections

Analytics

GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents.

Information

Solution

See Also

Item Details