Detections
Analytics
SLEM-05-671010 - FIPS 140-2/140-3 mode must be enabled on SLEM 5.
Information
Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. SLEM 5 must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.Solution
To configure SLEM 5 to run in FIPS mode, add "fips=1" to the kernel parameter during SLEM 5 install.Enabling FIPS mode on a preexisting system involves a number of modifications to SLEM 5. Refer to section 9.1, "Crypto Officer Guidance", of the following document for installation guidance:
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp2435.pdf
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SLEM_5_V1R4_STIG.zip
Item Details
Category: SYSTEM AND COMMUNICATIONS PROTECTION
References: 800-53|SC-13, CAT|I, CCI|CCI-002450, Rule-ID|SV-261473r996824_rule, STIG-ID|SLEM-05-671010, Vuln-ID|V-261473
Plugin: Unix
Control ID: 745b1eb7939cec93dc03c532347fdb4fc77a83c7cdef4061c723593eeb81bb78