From blank@eclipse.ncsc.mil Thu Aug 20 11:31:49 2015
From: Jeffrey Blank <blank@eclipse.ncsc.mil>
To: scap-security-guide@lists.fedorahosted.org
Subject: Re: [PATCH 3/3] Created group and added prose for use of antivirus.
Date: Tue, 07 Aug 2012 10:14:09 -0400
Message-ID: <502122B1.8000708@eclipse.ncsc.mil>
In-Reply-To: <1344347657-6924-4-git-send-email-wsantos@redhat.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============6656018670684515351=="

--===============6656018670684515351==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

This needs to be a Rule since it would be part of a STIG profile (even
though its check may be entirely manual for now (eventually OCIL).


On 08/07/2012 09:54 AM, Willy Santos wrote:
> Mapped antivirus group to CCI-1668 and removed mapping from impractical_pro=
duct. Related ticket #84.
>=20
> Signed-off-by: Willy Santos <wsantos(a)redhat.com>
> ---
>  RHEL6/input/auxiliary/srg_support.xml     |    2 +-
>  RHEL6/input/system/software/integrity.xml |   14 ++++++++++++++
>  2 files changed, 15 insertions(+), 1 deletions(-)
>=20
> diff --git a/RHEL6/input/auxiliary/srg_support.xml b/RHEL6/input/auxiliary/=
srg_support.xml
> index 30da624..d04e823 100644
> --- a/RHEL6/input/auxiliary/srg_support.xml
> +++ b/RHEL6/input/auxiliary/srg_support.xml
> @@ -30,7 +30,7 @@ The requirement is impractical or out of scope.
>  The product does not meet this requirement.
>  The requirement is impractical or out of scope.
>  </description>
> -<ref disa=3D"28,29,30,32,24,1695,1169,1170,1239,1662,1668,1395,553" />
> +<ref disa=3D"28,29,30,32,24,1695,1169,1170,1239,1662,1395,553" />
>  </Group> <!-- end unmet_impractical_product -->
> =20
>  <Group id=3D"requirement_unclear">
> diff --git a/RHEL6/input/system/software/integrity.xml b/RHEL6/input/system=
/software/integrity.xml
> index a5ec1bc..702bb0f 100644
> --- a/RHEL6/input/system/software/integrity.xml
> +++ b/RHEL6/input/system/software/integrity.xml
> @@ -178,4 +178,18 @@ on the system.</rationale>
> =20
>  </Group>
> =20
> +<Group id=3D"antivirus">
> +<title>Virus Scanning</title>
> +<description>Virus scanning software should be used to protect a system fr=
om penetration from
> +computer viruses and to limit their spread through intermediate systems. T=
he virus scanning
> +software should be configured to perform scans dynamically on accessed fil=
es. If this capability
> +is not available, the system should be configured to scan, at a minimum, a=
ll altered files on
> +the system on a daily basis.
> +<br /><br />
> +Virus signature definition files should be updated frequently. It is recom=
mended that definition
> +files be updated at least every 7 days.
> +</description>
> +<ref disa=3D"1668"/>
> +</Group>
> +
>  </Group>

--===============6656018670684515351==--