Guide to the Secure Configuration of Ubuntu 18.04
Software Integrity Checking
An XCCDF Group - A logical subset of the XCCDF Benchmark
1 Rule
Both the AIDE (Advanced Intrusion Detection Environment) software and the RPM package management system provide mechanisms for verifying the integrity of installed software. AIDE uses snapshots of file metadata (such as hashes) and compares these to current system files in order to detect changes.
The RPM package management system can conduct integrity checks by comparing information in its metadata database with files installed on the system.
Verify Integrity with AIDE
1 Rule
AIDE conducts integrity checks by comparing information about files with previously-gathered information. Ideally, the AIDE database is created immediately after initial system configuration, and then again after any software update. AIDE is highly configurable, with further configuration information located in /usr/share/doc/aide-VERSION.
Configure AIDE To Notify Personnel if Baseline Configurations Are Altered
Medium Severity
The operating system file integrity tool must be configured to notify designated personnel of any changes to configurations.