An error occurred:

Check: GEN002260

Solaris 10 SPARC STIG: GEN002260 (in versions v2 r4 through v1 r19)

Title

The system must be checked for extraneous device files at least weekly. (Cat III impact)

Discussion

If an unauthorized device is allowed to exist on the system, there is the possibility the system may perform unauthorized operations.

Check Content

Check the system for an automated job, or check with the SA, to determine if the system is checked for extraneous device files on a weekly basis. If no automated or manual process is in place, this is a finding.

Fix Text

Establish a weekly automated or manual process to create a list of device files on the system and determine if any files have been added, moved, or deleted since the last list was generated. Generate a list of device files. # find / -type b -o -type c > device-file-list

Additional Identifiers

Rule ID: SV-226572r854417_rule

Vulnerability ID: V-226572

Group Title: SRG-OS-000363

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001744

The information system implements organization-defined security responses automatically if baseline configurations are changed in an unauthorized manner.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
CM-3 (5)

Automated Security Response