From ed638b68d4c15304c73cd44b51a806af574dbc29 Mon Sep 17 00:00:00 2001 From: samson Date: Mon, 22 Oct 2018 05:09:58 +0800 Subject: [PATCH] Add description for 6.17 --- .../harbian_audit_Debian_9_Benchmark_v0.1.mkd | 25 +++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/docs/harbian_audit_Debian_9_Benchmark_v0.1.mkd b/docs/harbian_audit_Debian_9_Benchmark_v0.1.mkd index 611b2a3..0e864e3 100644 --- a/docs/harbian_audit_Debian_9_Benchmark_v0.1.mkd +++ b/docs/harbian_audit_Debian_9_Benchmark_v0.1.mkd @@ -24,6 +24,31 @@ Install the screen program (if it is not on the system) with the following comma ``` The console can now be locked with the following key combination: ctrl+a x +## 6.17 ensure virul scan server is enabled (scored) + +### Profile Applicability +Level 4 + +### Description +The system must use a virus scan program. + +### Rationale +Virus scanning software can be used to protect a system from penetration from computer viruses and to limit their spread through intermediate systems. The virus scanning software should be configured to perform scans dynamically on accessed files. If this capability is not available, the system must be configured to scan, at a minimum, all altered files on the system on a daily basis. + +### Aduit +Verify the system is using a virus scan program. check for the presence of "clamav" on the system with the following command: +``` +# systemctl | grep clamav-freshclam +clamav-freshclam.service loaded active running ClamAV virus database updater +``` +If neither of these applications are loaded and active, ask the System Administrator if there is an antivirus package installed and active on the system. If no antivirus scan program is active on the system, this is a finding. + +### Remediation +Install the clamav program (if it is not on the system) with the following command: +``` +# apt-get install -y clamav +``` + ## 8.1.19 Recored ssh-keysign command usage (scored) ### Profile Applicability