An error occurred:

Check: GEN006565

Solaris 10 X86 STIG: GEN006565 (in versions v2 r4 through v1 r17)

Title

The system package management tool must be used to verify system software periodically. (Cat II impact)

Discussion

Verification using the system package management tool can be used to determine that system software has not been tampered with. This requirement is not applicable to systems not using package management tools.

Check Content

Check the root crontab (crontab -l) for the presence of a package check command, such as, pkgchk -n. If no such cron job is found, this is a finding.

Fix Text

Add a cron job to run a package verification command, such as, pkgchk -n.

Additional Identifiers

Rule ID: SV-220116r603266_rule

Vulnerability ID: V-220116

Group Title: SRG-OS-000480

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000366

The organization implements the security configuration settings.
CCI-000698

The organization requires the developer of the information system, system component, or information system service to enable integrity verification of software and firmware components.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
CM-6

Configuration Settings
SA-10 (1)

Software / Firmware Integrity Verification