Check: GEN006640
VMware ESX 3 Server:
GEN006640
(in version v1 r2)
Title
The system must use and update a DoD-approved virus scan program. (Cat II impact)
Discussion
Virus scanning software can be used to protect a system from penetration by computer viruses and to limit their spread through intermediate systems. Virus scanning software is available to DoD on the JTF-GNO web site. The virus scanning software should be configured to perform scans dynamically on accessed files. If this capability is not available, the system must be configured to scan, at a minimum, all altered files on the system on a daily basis. If the system processes inbound SMTP mail, the virus scanner must be configured to scan all received mail.
Check Content
Determine if a DoD-approved virus scan program is installed and using updates less than 14 days old. If not, this is a finding.
Fix Text
Install McAfee command line virus scan tool, or an appropriate alternative from https://www.jtfgno.mil. Ensure the virus signature definition files are no older than seven (7) days. Updates are also available from https://www.jtfgno.mil. Ensure the command line virus scan tool is run on a regular basis using a utility, such as cron.
Additional Identifiers
Rule ID: SV-13328r2_rule
Vulnerability ID: V-12765
Group Title: GEN006640
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-001668 |
The organization employs malicious code protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and eradicate malicious code transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means or inserted through the exploitation of information system vulnerabilities. |
Controls
| Number | Title |
|---|---|
| No controls are assigned to this check |