BigFix Compliance: Updated DISA STIG Checklist for Solaris 10 published 2019-12-08

Product:
BigFix Compliance

Title:
Updated DISA STIG Checklist for Solaris 10 with a few bugfixes

Security Benchmark:
Solaris 10 Manual STIG Version 1, Release 23

Published Sites:
DISA STIG Checklist for Solaris 10 RG03, site version 13
(The site version is provided for air-gap customers.)

Release Notes:
• GEN000380 - Now looks at correct field for GID.
• GEN000452 - Check for PrintLastLog no for noncompliance and allow default of yes for compliance.
• GEN000585 - Bypass locked accounts.
• GEN001160 - Allow accounts starting with a number.
• GEN001475 - Properly look for password hashes.
• GEN002640 - Properly check locked accounts.
• GEN002700 - Properly checks directory permissions.
• GEN003060 - Allow root in the file.
• GEN003320 - Allow root in the file.
• GEN003502 - Look at process core directory instead of using the file pattern as the directory.
• GEN003503 - look at process core directory instead of using the file pattern as the directory.
• GEN003504 - Look at process core directory instead of using the file pattern as the directory.
• GEN003505 - Look at process core directory instead of using the file pattern as the directory.
• GEN003620 - Added tab as whitespace separator.
• GEN003624 - Added tab as whitespace separator.
• GEN004560 - Space or no space is now allowed after equals sign.
• GEN003060 - Now ignores root account
• GEN003540 - Allow set keyword
• GEN003640 - Properly check for logging of root filesystems

  • List item

GEN003060 - Now ignores root account
• Fixed missing site level site relevance

Details:
• Both analysis and remediation checks are included

• Some of the checks allow you to use the parameterized setting to enable customization for compliance evaluation. Note that parameterization and remediation actions require the creation of a custom site.

Actions to take:
• To subscribe to the above site, you can use the License Overview Dashboard to enable and gather the site. Note that you must be entitled to the BigFix Compliance product and you must be using BigFix version 9.2 and later.

• If you use custom sites, update your custom sites accordingly to use the latest content. You can synchronize your content by using the Synchronize Custom Checks wizard. For more information, see https://ibm.biz/Bd4LBt.

More information:
To know more about the BigFix Compliance SCM checklists, please see the following resources:
• Developer Works:
https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/SCM%20Checklists

• BigFix Forum:
https://forum.bigfix.com/c/release-announcements/compliance

We hope you find this latest release of SCM content useful and effective. Thank you!

– The BigFix Compliance team