An error occurred:

Check: GEN006565

VMware ESX 3 Server: GEN006565 (in version v1 r2)

Title

The system package management tool must be used to verify system software periodically. (Cat II impact)

Discussion

Verification using the system package management tool can be used to determine that system software has not been tampered with. This requirement is not applicable to systems that do not use package management tools.

Check Content

Check the root crontab for a job invoking the system package management tool to verify the integrity of installed packages. If no such job exists, this is a finding.

Fix Text

Add a job to the root crontab that invokes the system package management tool to verify the integrity of installed packages.

Additional Identifiers

Rule ID: SV-26181r1_rule

Vulnerability ID: V-22506

Group Title: GEN006565

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000366

Implement the security configuration settings.
CCI-000698

Require the developer of the system, system component, or system service to enable integrity verification of software and firmware components.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
CM-6

Configuration Settings
SA-10(1)

Software / Firmware Integrity Verification