Detections
Analytics

DISA Red Hat Enterprise Linux 9 STIG v2r2

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA Red Hat Enterprise Linux 9 STIG v2r2

Updated: 3/25/2025

Authority: DISA STIG

Plugin: Unix

Revision: 1.3

Estimated Item Count: 451

File Details

Filename: DISA_STIG_Red_Hat_Enterprise_Linux_9_v2r2.audit

Size: 848 kB

MD5: 55894ace73fb618a972bf7a47dd910c5
SHA256: fa864aa9facda82691b3079426206f57bf75063e1de1494d14ec199d94ad56bd

Audit Items

DescriptionCategories
DISA_STIG_Red_Hat_Enterprise_Linux_9_v2r2.audit from DISA Red Hat Enterprise Linux 9 v2r2 STIG
RHEL-09-211010 - RHEL 9 must be a vendor-supported release.
RHEL-09-211015 - RHEL 9 vendor packaged system security patches and updates must be installed and up to date.
RHEL-09-211020 - RHEL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a command line user logon.
RHEL-09-211030 - The graphical display manager must not be the default target on RHEL 9 unless approved.
RHEL-09-211035 - RHEL 9 must enable the hardware random number generator entropy gatherer service.
RHEL-09-211040 - RHEL 9 systemd-journald service must be enabled.
RHEL-09-211045 - The systemd Ctrl-Alt-Delete burst key sequence in RHEL 9 must be disabled.
RHEL-09-211050 - The x86 Ctrl-Alt-Delete key sequence must be disabled on RHEL 9.
RHEL-09-211055 - RHEL 9 debug-shell systemd service must be disabled.
RHEL-09-212010 - RHEL 9 must require a boot loader superuser password.
RHEL-09-212015 - RHEL 9 must disable the ability of systemd to spawn an interactive boot process.
RHEL-09-212020 - RHEL 9 must require a unique superusers name upon booting into single-user and maintenance modes.
RHEL-09-212025 - RHEL 9 /boot/grub2/grub.cfg file must be group-owned by root.
RHEL-09-212030 - RHEL 9 /boot/grub2/grub.cfg file must be owned by root.
RHEL-09-212035 - RHEL 9 must disable virtual system calls.
RHEL-09-212040 - RHEL 9 must clear the page allocator to prevent use-after-free attacks.
RHEL-09-212045 - RHEL 9 must clear SLUB/SLAB objects to prevent use-after-free attacks.
RHEL-09-212050 - RHEL 9 must enable mitigations against processor-based vulnerabilities.
RHEL-09-212055 - RHEL 9 must enable auditing of processes that start prior to the audit daemon.
RHEL-09-213010 - RHEL 9 must restrict access to the kernel message buffer.
RHEL-09-213015 - RHEL 9 must prevent kernel profiling by nonprivileged users.
RHEL-09-213020 - RHEL 9 must prevent the loading of a new kernel for later execution.
RHEL-09-213025 - RHEL 9 must restrict exposed kernel pointer addresses access.
RHEL-09-213030 - RHEL 9 must enable kernel parameters to enforce discretionary access control on hardlinks.
RHEL-09-213035 - RHEL 9 must enable kernel parameters to enforce discretionary access control on symlinks.
RHEL-09-213040 - RHEL 9 must disable the kernel.core_pattern.
RHEL-09-213045 - RHEL 9 must be configured to disable the Asynchronous Transfer Mode kernel module.
RHEL-09-213050 - RHEL 9 must be configured to disable the Controller Area Network kernel module.
RHEL-09-213055 - RHEL 9 must be configured to disable the FireWire kernel module.
RHEL-09-213060 - RHEL 9 must disable the Stream Control Transmission Protocol (SCTP) kernel module.
RHEL-09-213065 - RHEL 9 must disable the Transparent Inter Process Communication (TIPC) kernel module.
RHEL-09-213070 - RHEL 9 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution.
RHEL-09-213075 - RHEL 9 must disable access to network bpf system call from nonprivileged processes.
RHEL-09-213080 - RHEL 9 must restrict usage of ptrace to descendant processes.
RHEL-09-213085 - RHEL 9 must disable core dump backtraces.
RHEL-09-213090 - RHEL 9 must disable storing core dumps.
RHEL-09-213095 - RHEL 9 must disable core dumps for all users.
RHEL-09-213100 - RHEL 9 must disable acquiring, saving, and processing core dumps.
RHEL-09-213105 - RHEL 9 must disable the use of user namespaces.
RHEL-09-213110 - RHEL 9 must implement nonexecutable data to protect its memory from unauthorized code execution.
RHEL-09-213115 - The kdump service on RHEL 9 must be disabled.
RHEL-09-214010 - RHEL 9 must ensure cryptographic verification of vendor software packages.
RHEL-09-214015 - RHEL 9 must check the GPG signature of software packages originating from external software repositories before installation.
RHEL-09-214020 - RHEL 9 must check the GPG signature of locally installed software packages before installation.
RHEL-09-214025 - RHEL 9 must have GPG signature verification enabled for all software repositories.
RHEL-09-214030 - RHEL 9 must be configured so that the cryptographic hashes of system files match vendor values.
RHEL-09-214035 - RHEL 9 must remove all software components after updated versions have been installed.
RHEL-09-215010 - RHEL 9 subscription-manager package must be installed.
RHEL-09-215015 - RHEL 9 must not have a File Transfer Protocol (FTP) server package installed.