DISA STIG for Oracle Linux 5 v1r14

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

Audit Details

Name: DISA STIG for Oracle Linux 5 v1r14

Updated: 8/23/2021

Authority: DISA STIG

Plugin: Unix

Revision: 1.6

Estimated Item Count: 967

File Details

Filename: DISA_STIG_Oracle_Linux_5_v1r14.audit

Size: 1.63 MB

MD5: 784d57b50df973e97ebf2a4d62156011
SHA256: ca2a652e79e84d44485422051e2dae1639599f09062b499b27bb1ee9ffbcd824

Audit Items

Description / Categories
DISA_STIG_Oracle_Linux_5_v1r14.audit from DISA Oracle Linux 5 v1r14 STIG
GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - '/etc/passwd halt'

ACCESS CONTROL

GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - '/etc/passwd reboot'

ACCESS CONTROL

GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - '/etc/passwd shutdown'

ACCESS CONTROL

GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - '/etc/shadow halt'

ACCESS CONTROL

GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - '/etc/shadow reboot'

ACCESS CONTROL

GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - '/etc/shadow shutdown'

ACCESS CONTROL

GEN000000-LNX00360 - The X server must have the correct options enabled - '-audit = 4'

AUDIT AND ACCOUNTABILITY

GEN000000-LNX00360 - The X server must have the correct options enabled - '-auth'

ACCESS CONTROL

GEN000000-LNX00360 - The X server must have the correct options enabled - '-s <= 15'

CONFIGURATION MANAGEMENT

GEN000000-LNX00360 - The X server must have the correct options enabled - ':0 /usr/bin/X:0'

ACCESS CONTROL

GEN000000-LNX00380 - An X server must have none of the following options enabled: -ac, -core (except for debugging purposes), or -nolock - '-ac'

CONFIGURATION MANAGEMENT

GEN000000-LNX00380 - An X server must have none of the following options enabled: -ac, -core (except for debugging purposes), or -nolock - '-core'

CONFIGURATION MANAGEMENT

GEN000000-LNX00380 - An X server must have none of the following options enabled: -ac, -core (except for debugging purposes), or -nolock - '-nolock'

CONFIGURATION MANAGEMENT

GEN000000-LNX00400 - The /etc/security/access.conf file must be owned by root.

CONFIGURATION MANAGEMENT

GEN000000-LNX00420 - The /etc/security/access.conf file must have a privileged group owner.

CONFIGURATION MANAGEMENT

GEN000000-LNX00440 - The /etc/security/access.conf file must have mode 0640 or less permissive.

CONFIGURATION MANAGEMENT

GEN000000-LNX00450 - The access.conf file must not have an extended ACL.

ACCESS CONTROL

GEN000000-LNX00480 - The /etc/sysctl.conf file must be owned by root.

CONFIGURATION MANAGEMENT

GEN000000-LNX00500 - The /etc/sysctl.conf file must be group-owned by root.

CONFIGURATION MANAGEMENT

GEN000000-LNX00520 - The /etc/sysctl.conf file must have mode 0600 or less permissive.

CONFIGURATION MANAGEMENT

GEN000000-LNX00530 - The /etc/sysctl.conf file must not have an extended ACL.

ACCESS CONTROL

GEN000000-LNX00560 - The Linux NFS Server must not have the insecure file locking option.

ACCESS CONTROL

GEN000000-LNX00580 - The x86 CTRL-ALT-DELETE key sequence must be disabled.

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

GEN000000-LNX00600 - The Linux PAM system must not grant sole access to admin privileges to the first user who logs into the console.
GEN000000-LNX00620 - The /etc/securetty file must be group-owned by root, sys, or bin.

CONFIGURATION MANAGEMENT

GEN000000-LNX00640 - The /etc/securetty file must be owned by root.

CONFIGURATION MANAGEMENT

GEN000000-LNX00660 - The /etc/securetty file must have mode 0600 or less permissive.

CONFIGURATION MANAGEMENT

GEN000000-LNX00720 - Auditing must be enabled at boot by setting a kernel parameter.

AUDIT AND ACCOUNTABILITY

GEN000000-LNX00800 - The system must use a Linux Security Module configured to limit the privileges of system services - 'SELINUX = enforcing'

ACCESS CONTROL

GEN000000-LNX00800 - The system must use a Linux Security Module configured to limit the privileges of system services - 'SELINUXTYPE = targeted or strict'

ACCESS CONTROL

GEN000000-LNX001431 - The /etc/gshadow file must be owned by root.

IDENTIFICATION AND AUTHENTICATION

GEN000000-LNX001432 - The /etc/gshadow file must be group-owned by root.

IDENTIFICATION AND AUTHENTICATION

GEN000000-LNX001433 - The /etc/gshadow file must have mode 0400.

IDENTIFICATION AND AUTHENTICATION

GEN000000-LNX001434 - The /etc/gshadow file must not have an extended ACL.

ACCESS CONTROL

GEN000000-LNX001476 - The /etc/gshadow file must not contain any group password hashes.

IDENTIFICATION AND AUTHENTICATION

GEN000020 - The system must require authentication upon booting into single-user and maintenance modes.

SYSTEM AND INFORMATION INTEGRITY

GEN000100 - The operating system must be a supported release.

CONFIGURATION MANAGEMENT

GEN000120 - System security patches and updates must be installed and up-to-date.
GEN000140-2 - A file integrity baseline including cryptographic hashes must be created - '/etc/aide.conf must exist'

SYSTEM AND INFORMATION INTEGRITY

GEN000140-2 - A file integrity baseline including cryptographic hashes must be created - 'cryptographic hash is used'

SYSTEM AND INFORMATION INTEGRITY

GEN000140-2 - A file integrity baseline including cryptographic hashes must be created - 'database location'

SYSTEM AND INFORMATION INTEGRITY

GEN000140-3 - A file integrity baseline including cryptographic hashes must be maintained - '/etc/aide.conf exists'

SYSTEM AND INFORMATION INTEGRITY

GEN000140-3 - A file integrity baseline including cryptographic hashes must be maintained - 'database has been configured'

SYSTEM AND INFORMATION INTEGRITY

GEN000220 - A file integrity tool must be used at least weekly to check for unauthorized file changes, particularly the addition of unauthorized system libraries or binaries, or for unauthorized modification to authorized system libraries or binaries.
GEN000240 - The system clock must be synchronized to an authoritative DoD time source.

AUDIT AND ACCOUNTABILITY

GEN000241 - The system clock must be synchronized continuously - 'maxpoll 10'

AUDIT AND ACCOUNTABILITY

GEN000241 - The system clock must be synchronized continuously.
GEN000242 - The system must use at least two time sources for clock synchronization - '/etc/ntp.conf'

AUDIT AND ACCOUNTABILITY

GEN000242 - The system must use at least two time sources for clock synchronization - 'cron jobs'