Modify harbian_audit_Debian_9_Benchmark_v0.1 doc.
This commit is contained in:
parent
7a0c112334
commit
06f3bf41f2
|
@ -1,25 +1,25 @@
|
||||||
# harbian audit Debian Linux 9 Benchmark
|
# harbian audit Debian Linux 9 Benchmark
|
||||||
|
|
||||||
8.5 Verifies integrity all packages
|
## 8.5 Verifies integrity all packages
|
||||||
|
|
||||||
Profile Applicability:
|
### Profile Applicability:
|
||||||
Level 5
|
Level 5
|
||||||
|
|
||||||
Description:
|
### Description:
|
||||||
Without cryptographic integrity protections, system command and files can be altered by unauthorized users without detection. Cryptographic mechanisms used for protecting the integrity of information include, for example, signed hash functions using asymmetric cryptography enabling distribution of the public key to verify the hash information while maintaining the confidentiality of the key used to generate the hash.
|
Without cryptographic integrity protections, system command and files can be altered by unauthorized users without detection. Cryptographic mechanisms used for protecting the integrity of information include, for example, signed hash functions using asymmetric cryptography enabling distribution of the public key to verify the hash information while maintaining the confidentiality of the key used to generate the hash.
|
||||||
|
|
||||||
Rationale:
|
### Rationale:
|
||||||
Verify integrity all packages features to to monitor the files of the packages installed by the system.
|
Verify integrity all packages features to to monitor the files of the packages installed by the system.
|
||||||
|
|
||||||
Aduit:
|
### Aduit:
|
||||||
Perform the following to determine:
|
Perform the following to determine(example):
|
||||||
```
|
```
|
||||||
# dpkg -V
|
# dpkg -V
|
||||||
??5?????? c /etc/sudoers
|
??5?????? c /etc/sudoers
|
||||||
??5?????? c /etc/vim/vimrc
|
??5?????? c /etc/vim/vimrc
|
||||||
```
|
```
|
||||||
|
|
||||||
Remediation:
|
### Remediation:
|
||||||
Run the following command to determine which package owns the file:
|
Run the following command to determine which package owns the file:
|
||||||
```
|
```
|
||||||
# dpkg -S <filename>
|
# dpkg -S <filename>
|
||||||
|
|
Loading…
Reference in New Issue