Detections
Analytics

DISA Red Hat Enterprise Linux 8 STIG v1r3

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA Red Hat Enterprise Linux 8 STIG v1r3

Updated: 3/23/2022

Authority: DISA STIG

Plugin: Unix

Revision: 1.4

Estimated Item Count: 534

Audit Changelog

 
Revision 1.4

Mar 23, 2022

Functional Update
  • RHEL-08-030590 - Successful/unsuccessful modifications to the faillock log file in RHEL 8 must generate an audit record.
Miscellaneous
  • Audit deprecated.
  • Metadata updated.
  • References updated.
Revision 1.3

Jan 7, 2022

Functional Update
  • RHEL-08-010421 - RHEL 8 must clear the page allocator to prevent use-after-free attacks - /etc/default/grub
  • RHEL-08-010421 - RHEL 8 must clear the page allocator to prevent use-after-free attacks - grub2-editenv
  • RHEL-08-010422 - RHEL 8 must disable virtual syscalls - /etc/default/grub
  • RHEL-08-010422 - RHEL 8 must disable virtual syscalls - grub2-editenv
  • RHEL-08-010423 - RHEL 8 must clear SLUB/SLAB objects to prevent use-after-free attacks - /etc/default/grub
  • RHEL-08-010423 - RHEL 8 must clear SLUB/SLAB objects to prevent use-after-free attacks - grub2-editenv
  • RHEL-08-030590 - Successful/unsuccessful modifications to the faillock log file in RHEL 8 must generate an audit record.
Miscellaneous
  • Metadata updated.
  • References updated.
Added
  • RHEL-08-020220 - RHEL 8 user account passwords must be configured so that existing passwords are restricted to a 60-day maximum lifetime.
Removed
  • RHEL-08-020210 - RHEL 8 user account passwords must be configured so that existing passwords are restricted to a 60-day maximum lifetime.
Revision 1.2

Nov 16, 2021

Functional Update
  • RHEL-08-030590 - Successful/unsuccessful modifications to the faillock log file in RHEL 8 must generate an audit record.
  • RHEL-08-030710 - RHEL 8 must encrypt the transfer of audit records off-loaded onto a different system or media from the system being audited - ActionSendStreamDriverMode
  • RHEL-08-030710 - RHEL 8 must encrypt the transfer of audit records off-loaded onto a different system or media from the system being audited - DefaultNetstreamDriver
  • RHEL-08-030720 - RHEL 8 must authenticate the remote logging server for off-loading audit logs.
Miscellaneous
  • References updated.
Revision 1.1

Oct 27, 2021

Functional Update
  • RHEL-08-030301 - Successful/unsuccessful uses of the umount command in RHEL 8 must generate an audit record.
  • RHEL-08-030590 - Successful/unsuccessful modifications to the faillock log file in RHEL 8 must generate an audit record.
Miscellaneous
  • References updated.