Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Guide to the Secure Configuration of Amazon Linux 2023
Guide to the Secure Configuration of Amazon Linux 2023
An XCCDF Benchmark
Details
Profiles
Items
Prose
1 rule organized in 5 groups
System Settings
1 Rule
Contains rules that check correct system settings.
Installing and Maintaining Software
1 Rule
The following sections contain information on security-relevant choices during the initial operating system installation process and the setup of software updates.
System and Software Integrity
1 Rule
System and software integrity can be gained by installing antivirus, increasing system encryption strength with FIPS, verifying installed software, enabling SELinux, installing an Intrusion Prevention System, etc. However, installing or enabling integrity checking tools cannot
prevent
intrusions, but they can detect that an intrusion may have occurred. Requirements for integrity checking may be highly dependent on the environment in which the system will be used. Snapshot-based approaches such as AIDE may induce considerable overhead in the presence of frequent software updates.
Software Integrity Checking
1 Rule
Both the AIDE (Advanced Intrusion Detection Environment) software and the RPM package management system provide mechanisms for verifying the integrity of installed software. AIDE uses snapshots of file metadata (such as hashes) and compares these to current system files in order to detect changes.
The RPM package management system can conduct integrity checks by comparing information in its metadata database with files installed on the system.
Verify Integrity with AIDE
1 Rule
AIDE conducts integrity checks by comparing information about files with previously-gathered information. Ideally, the AIDE database is created immediately after initial system configuration, and then again after any software update. AIDE is highly configurable, with further configuration information located in
/usr/share/doc/aide-
VERSION
.
Install AIDE
Medium Severity
The
aide
package can be installed with the following command:
$ sudo dnf install aide