An error occurred:

Check: GEN006480

Solaris 10 SPARC STIG: GEN006480 (in versions v2 r4 through v1 r19)

Title

The system must have a host-based intrusion detection tool installed. (Cat II impact)

Discussion

Without a host-based intrusion detection tool, there is no system-level defense when an intruder gains access to a system or network. Additionally, a host-based intrusion detection tool can provide methods to immediately lock out detected intrusion attempts.

Check Content

Ask the SA or IAO if a host-based intrusion detection application is loaded on the system. Determine if the application is loaded on the system. Procedure: # find / -name <daemon name> -print Determine if the application is active on the system. Procedure: # ps -ef | grep <daemon name> If no host-based intrusion detection system is installed on the system, this is a finding.

Fix Text

Install a host-based intrusion detection tool.

Additional Identifiers

Rule ID: SV-220061r603265_rule

Vulnerability ID: V-220061

Group Title: SRG-OS-000480

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001233

The organization employs automated mechanisms on an organization-defined frequency to determine the state of information system components with regard to flaw remediation.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
SI-2 (2)

Automated Flaw Remediation Status