DISA Red Hat Enterprise Linux 6 STIG v2r2

Audit Details

Name: DISA Red Hat Enterprise Linux 6 STIG v2r2

Updated: 11/6/2024

Authority: DISA STIG

Plugin: Unix

Revision: 1.11

Estimated Item Count: 440

File Details

Filename: DISA_STIG_RHEL_6_v2r2.audit

Size: 893 kB

MD5: ca32365da3ff47c27b8fa9268b26def5
SHA256: d9c5bcd59c78b571a4ec488bc8f7bdaa28915e6776b0b066548a9aa3d333ce01

Audit Changelog

 
Revision 1.11

Nov 6, 2024

Functional Update
  • RHEL-06-000282 - There must be no world-writable files on the system.
Revision 1.10

Oct 15, 2024

Functional Update
  • RHEL-06-000021 - The Red Hat Enterprise Linux operating system must not contain .shosts or shosts.equiv files.
  • RHEL-06-000336 - The sticky bit must be set on all public directories.
  • RHEL-06-000337 - All public directories must be owned by a system account.
  • RHEL-06-000347 - There must be no .netrc files on the system.
Miscellaneous
  • References updated.
Added
  • RHEL-06-000019 - There must be no .rhosts or hosts.equiv files on the system.
Removed
  • RHEL-06-000019 - There must be no .rhosts or hosts.equiv files on the system - /etc/hosts.equiv.
  • RHEL-06-000019 - There must be no .rhosts or hosts.equiv files on the system - ~/.rhosts.
Revision 1.9

Jun 14, 2024

Functional Update
  • RHEL-06-000516 - The system package management tool must verify ownership on all files and directories associated with packages.
  • RHEL-06-000517 - The system package management tool must verify group-ownership on all files and directories associated with packages.
  • RHEL-06-000518 - The system package management tool must verify permissions on all files and directories associated with packages.
  • RHEL-06-000519 - The system package management tool must verify contents of all files associated with packages.
Miscellaneous
  • Metadata updated.
Revision 1.8

Sep 19, 2023

Functional Update
  • RHEL-06-000019 - There must be no .rhosts or hosts.equiv files on the system - ~/.rhosts.
  • RHEL-06-000021 - The Red Hat Enterprise Linux operating system must not contain .shosts or shosts.equiv files.
  • RHEL-06-000282 - There must be no world-writable files on the system.
  • RHEL-06-000336 - The sticky bit must be set on all public directories.
  • RHEL-06-000337 - All public directories must be owned by a system account.
  • RHEL-06-000347 - There must be no .netrc files on the system.
Miscellaneous
  • References updated.
  • Variables updated.
Revision 1.7

Jun 27, 2023

Miscellaneous
  • Metadata updated.
  • Platform check updated.
Revision 1.6

Apr 12, 2023

Functional Update
  • RHEL-06-000051 - Users must not be able to change passwords more than once every 24 hours.
  • RHEL-06-000053 - User passwords must be changed at least every 60 days.
  • RHEL-06-000054 - Users must be warned 7 days in advance of password expiration.
  • RHEL-06-000063 - The system must use a FIPS 140-2 approved cryptographic hashing algorithm for generating account password hashes (login.defs) - login.defs.
  • RHEL-06-000345 - The system default umask in /etc/login.defs must be 077.
Miscellaneous
  • Metadata updated.
  • Platform check updated.
  • Variables updated.
Revision 1.5

Mar 7, 2023

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.4

Dec 7, 2022

Functional Update
  • RHEL-06-000008 - Vendor-provided cryptographic certificates must be installed to verify the integrity of system software.
Miscellaneous
  • Variables updated.
Revision 1.3

Jul 27, 2022

Functional Update
  • RHEL-06-000227 - The SSH daemon must be configured to use only the SSHv2 protocol.
Revision 1.2

May 20, 2022

Functional Update
  • RHEL-06-000228 - The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon is configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms.