An error occurred:

Check: GEN006480

AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE: GEN006480 (in versions v1 r14 through v1 r10)

Title

The system must have a host-based intrusion detection tool installed. (Cat II impact)

Discussion

Without a host-based intrusion detection tool, there is no system-level defense when an intruder gains access to a system or network. Additionally, a host-based intrusion detection tool can provide methods to immediately lock out detected intrusion attempts.

Check Content

Ask the SA or IAO if a host-based intrusion detection application is loaded on the system. Determine if the application is loaded on the system. Procedure: # find / -name <daemon name> -print Determine if the application is active on the system. Procedure: # ps -ef | grep <daemon name> If no host-based intrusion detection system is installed on the system, this is a finding.

Fix Text

Install a host-based intrusion detection tool.

Additional Identifiers

Rule ID: SV-41526r2_rule

Vulnerability ID: V-782

Group Title: GEN006480

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001259

The organization interconnects and configures individual intrusion detection tools into a systemwide intrusion detection system using common protocols.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
No controls are assigned to this check