Details

Systems need to have package manager repositories configured to ensure they receive the

latest patches and updates.

Rationale:

If a system’s package repositories are misconfigured important patches may not be

identified or a rogue repository could introduce compromised software.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Configure your package manager repositories according to site policy.

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/2420https://workbench.cisecurity.org/files/2420https://workbench.cisecurity.org/files/2420https://workbench.cisecurity.org/files/2420

This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Unix.

References

• 800-53|SI-2c.
• CSCv6|4.5
• CSCv7|3.4
• CSCv7|3.5

Source

• Tenable.com/audits