Item Search

NameAudit NamePluginCategory
1.1.5 Create Separate Partition for /varCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.1.17 Set Sticky Bit on All World-Writable DirectoriesCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.5.2 Set Permissions on /etc/grub.confCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

1.5.4 Require Authentication for Single-User ModeCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

1.6.2 Configure ExecShield - kernel.exec-shield = 1CIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

2.1.8 Remove tftp-serverCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

2.1.10 Remove talk-serverCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

2.1.16 Disable echo-dgramCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

2.1.18 Disable tcpmux-serverCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

3.1.2 Service Only via Required Protocol - use-ipv4=no'CIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

3.1.5 Disable Publishing - disable-publishing=yesCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

3.1.6 Restrict Published Information (if publishing is required) - disable-user-service-publishing=yesCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

RHEL-06-000201 - The audit system must be configured to audit changes to the /etc/sudoers file.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000202 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules - /sbin/modprobe.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000204 - The xinetd service must be uninstalled if no network services utilizing it are enabled.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000206 - The telnet-server package must not be installed.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000218 - The rlogind service must not be running.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000224 - The cron service must be running - PROCESS_CHECK.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000239 - The SSH daemon must not allow authentication using an empty password.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-06-000240 - The SSH daemon must be configured with the Department of Defense (DoD) login banner.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000247 - The system clock must be synchronized continuously, or at least daily - PROCESS_CHECK.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000248 - The system clock must be synchronized to an authoritative DoD time source.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000256 - The openldap-servers package must not be installed unless required.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000261 - The Automatic Bug Reporting Tool (abrtd) service must not be running - 'CHKCONFIG'.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000262 - The atd service must be disabled - PROCESS_CHECK.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000265 - The ntpdate service must not be running - 'CHKCONFIG'.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000266 - The oddjobd service must not be running - 'CHKCONFIG'.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000267 - The qpidd service must not be running - CHKCONFIG.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000267 - The qpidd service must not be running - PROCESS_CHECK.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000268 - The rdisc service must not be running - 'PROCESS_CHECK'.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000273 - The system must use SMB client signing for connecting to samba servers using mount.cifs.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000278 - The system package management tool must verify permissions on all files and directories associated with the audit package.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000279 - The system package management tool must verify ownership on all files and directories associated with the audit package.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000304 - The operating system must employ automated mechanisms to detect the presence of unauthorized software on organizational information systems and notify designated organizational officials in accordance with the organization defined frequency.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000306 - The operating system must detect unauthorized changes to software and information.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000311 - The audit system must provide a warning when allocated audit record storage volume reaches a documented percentage of maximum audit record storage capacity.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000313 - The audit system must identify staff members to receive notifications of audit log storage volume capacity issues.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000334 - Accounts must be locked upon 35 days of inactivity.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000342 - The system default umask for the bash shell must be 077.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000345 - The system default umask in /etc/login.defs must be 077.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000357 - The system must disable accounts after excessive login failures within a 15-minute interval - password-auth auth requiredDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000357 - The system must disable accounts after excessive login failures within a 15-minute interval - system-auth auth requiredDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000372 - The operating system, upon successful logon/access, must display to the user the number of unsuccessful logon/access attempts since the last successful logon/access - silentDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000383 - Audit log files must have mode 0640 or less permissive.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000507 - The operating system, upon successful logon, must display to the user the date and time of the last logon or access via ssh.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000508 - The system must allow locking of graphical desktop sessions.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000510 - The audit system must take appropriate action when the audit storage volume is full.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000518 - The system package management tool must verify permissions on all files and directories associated with packages.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000529 - The sudo command must require authentication - /etc/sudoers !authenticateDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-06-000534 - The Red Hat Enterprise Linux operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards - grubDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION