Detections
Analytics

DISA Red Hat Enterprise Linux 8 STIG v1r1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA Red Hat Enterprise Linux 8 STIG v1r1

Updated: 9/28/2021

Authority: DISA STIG

Plugin: Unix

Revision: 1.7

Estimated Item Count: 524

Audit Items

DescriptionCategories
DISA_STIG_Red_Hat_Enterprise_Linux_8_v1r1.audit from DISA Red Hat Enterprise Linux 8 v1r1 STIG
RHEL-08-010000 - RHEL 8 must be a vendor-supported release.
RHEL-08-010010 - RHEL 8 vendor packaged system security patches and updates must be installed and up to date.
RHEL-08-010020 - RHEL 8 must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.
RHEL-08-010030 - All RHEL 8 local disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at rest protection.
RHEL-08-010040 - RHEL 8 must display the Standard Mandatory DoD Notice and Consent Banner before granting local or remote access to the system via a ssh logon. - /etc/issue
RHEL-08-010040 - RHEL 8 must display the Standard Mandatory DoD Notice and Consent Banner before granting local or remote access to the system via a ssh logon. - /etc/ssh/sshd_config
RHEL-08-010050 - RHEL 8 must display the Standard Mandatory DoD Notice and Consent Banner before granting local or remote access to the system via a graphical user logon. - banner-message-enable
RHEL-08-010050 - RHEL 8 must display the Standard Mandatory DoD Notice and Consent Banner before granting local or remote access to the system via a graphical user logon. - banner-message-text
RHEL-08-010060 - RHEL 8 must display the Standard Mandatory DoD Notice and Consent Banner before granting local or remote access to the system via a command line user logon.
RHEL-08-010070 - All RHEL 8 remote access methods must be monitored. - auth
RHEL-08-010070 - All RHEL 8 remote access methods must be monitored. - authpriv
RHEL-08-010070 - All RHEL 8 remote access methods must be monitored. - daemon
RHEL-08-010090 - RHEL 8, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.
RHEL-08-010100 - RHEL 8, for certificate-based authentication, must enforce authorized access to the corresponding private key.
RHEL-08-010110 - RHEL 8 must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm.
RHEL-08-010120 - RHEL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords.
RHEL-08-010130 - RHEL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all created passwords. - password-auth
RHEL-08-010130 - RHEL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all created passwords. - system-auth
RHEL-08-010140 - RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) implemented must require authentication upon booting into single-user mode and maintenance. - password
RHEL-08-010140 - RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) implemented must require authentication upon booting into single-user mode and maintenance. - superusers
RHEL-08-010150 - RHEL 8 operating systems booted with a BIOS must require authentication upon booting into single-user and maintenance modes. - password
RHEL-08-010150 - RHEL 8 operating systems booted with a BIOS must require authentication upon booting into single-user and maintenance modes. - superusers
RHEL-08-010151 - RHEL 8 operating systems must require authentication upon booting into emergency or rescue modes.
RHEL-08-010160 - The RHEL 8 pam_unix.so module must use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. - password-auth
RHEL-08-010160 - The RHEL 8 pam_unix.so module must use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. - system-auth
RHEL-08-010161 - RHEL 8 must prevent system daemons from using Kerberos for authentication.
RHEL-08-010162 - The krb5-workstation package must not be installed on RHEL 8.
RHEL-08-010170 - RHEL 8 must use a Linux Security Module configured to enforce limits on system services.
RHEL-08-010171 - RHEL 8 must have policycoreutils package installed.
RHEL-08-010180 - All RHEL 8 public directories must be owned by root or a system account to prevent unauthorized and unintended information transferred via shared system resources.
RHEL-08-010190 - A sticky bit must be set on all RHEL 8 public directories to prevent unauthorized and unintended information transferred via shared system resources.
RHEL-08-010200 - RHEL 8 must be configured so that all network connections associated with SSH traffic are terminated at the end of the session or after 10 minutes of inactivity, except to fulfill documented and validated mission requirements - ClientAliveCountMax
RHEL-08-010200 - RHEL 8 must be configured so that all network connections associated with SSH traffic are terminated at the end of the session or after 10 minutes of inactivity, except to fulfill documented and validated mission requirements - ClientAliveInterval
RHEL-08-010210 - The RHEL 8 /var/log/messages file must have mode 0640 or less permissive.
RHEL-08-010220 - The RHEL 8 /var/log/messages file must be owned by root.
RHEL-08-010230 - The RHEL 8 /var/log/messages file must be group-owned by root.
RHEL-08-010240 - The RHEL 8 /var/log directory must have mode 0755 or less permissive.
RHEL-08-010250 - The RHEL 8 /var/log directory must be owned by root.
RHEL-08-010260 - The RHEL 8 /var/log directory must be group-owned by root.
RHEL-08-010290 - The RHEL 8 SSH daemon must be configured to use only Message Authentication Codes (MACs) employing FIPS 140-2 validated cryptographic hash algorithms. - CRYPTO_POLICY
RHEL-08-010290 - The RHEL 8 SSH daemon must be configured to use only Message Authentication Codes (MACs) employing FIPS 140-2 validated cryptographic hash algorithms. - MACs
RHEL-08-010290 - The RHEL 8 SSH daemon must be configured to use only Message Authentication Codes (MACs) employing FIPS 140-2 validated cryptographic hash algorithms. - update-crypto-policies
RHEL-08-010291 - The RHEL 8 operating system must implement DoD-approved encryption to protect the confidentiality of SSH connections. - ciphers
RHEL-08-010291 - The RHEL 8 operating system must implement DoD-approved encryption to protect the confidentiality of SSH connections. - CRYPTO_POLICY
RHEL-08-010291 - The RHEL 8 operating system must implement DoD-approved encryption to protect the confidentiality of SSH connections. - update-crypto-policies
RHEL-08-010292 - RHEL 8 must ensure the SSH server uses strong entropy.
RHEL-08-010293 - The RHEL 8 operating system must implement DoD-approved encryption in the OpenSSL package. - /etc/pki/tls/openssl.cnf
RHEL-08-010293 - The RHEL 8 operating system must implement DoD-approved encryption in the OpenSSL package. - update-crypto-policies
RHEL-08-010294 - The RHEL 8 operating system must implement DoD-approved TLS encryption in the OpenSSL package.