Details
Periodic checking of the filesystem integrity is needed to detect changes to the filesystem.
Rationale:
Periodic file checking allows the system administrator to determine on a regular basis if critical files have been changed in an unauthorized fashion.
Solution
Run the following command:
# crontab -u root -e
Add the following line to the crontab:
0 5 * * * /usr/sbin/aide –check
Additional Information:
The checking in this recommendation occurs every day at 5am. Alter the frequency and time of the checks in compliance with site policy.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Audit and Accountability.This control applies to the following type of system Unix.