RHEL-06-000247 - The system clock must be synchronized continuously, or at least daily - CHKCONFIG. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
RHEL-06-000257 - The graphical desktop environment must set the idle timeout to no more than 15 minutes. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
RHEL-06-000259 - The graphical desktop environment must have automatic lock enabled. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
RHEL-06-000260 - The system must display a publicly-viewable pattern during a graphical desktop environment session lock. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
RHEL-06-000270 - Remote file systems must be mounted with the nosuid option. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
RHEL-06-000274 - The system must prohibit the reuse of passwords within five iterations - password-auth. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
RHEL-06-000281 - The system package management tool must verify contents of all files associated with the audit package. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
RHEL-06-000282 - There must be no world-writable files on the system. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
RHEL-06-000285 - The system must have a host-based intrusion detection tool installed - MFEhiplsm | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
RHEL-06-000288 - The sendmail package must be removed. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
RHEL-06-000289 - The netconsole service must be disabled unless required - 'CHKCONFIG'. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
RHEL-06-000291 - The xorg-x11-server-common (X Windows) package must not be installed, unless required. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
RHEL-06-000292 - The DHCP client must be disabled if not needed. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
RHEL-06-000299 - The system must require passwords to contain no more than three consecutive repeating characters - password-auth. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
RHEL-06-000336 - The sticky bit must be set on all public directories. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
RHEL-06-000338 - The TFTP daemon must operate in secure mode which provides access only to a single directory on the host file system. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
RHEL-06-000384 - Audit log files must be owned by root. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
RHEL-06-000511 - The audit system must take appropriate action when there are disk errors on the audit storage volume. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
RHEL-06-000519 - The system package management tool must verify contents of all files associated with packages. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
RHEL-06-000526 - Automated file system mounting tools must not be enabled unless needed - CHKCONFIG | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
RHEL-06-000529 - The sudo command must require authentication - /etc/sudoers NOPASSWD | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
RHEL-07-020060 - The Red Hat Enterprise Linux operating system must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-010020 - RHEL 8 must implement NIST FIPS-validated cryptography for the following: To provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | ACCESS CONTROL |
RHEL-08-010050 - RHEL 8 must display the Standard Mandatory DoD Notice and Consent Banner before granting local or remote access to the system via a graphical user logon. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | ACCESS CONTROL |
RHEL-08-010090 - RHEL 8, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
RHEL-08-010140 - RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | ACCESS CONTROL |
RHEL-08-010141 - RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require a unique superusers name upon booting into single-user mode and maintenance. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | ACCESS CONTROL |
RHEL-08-010151 - RHEL 8 operating systems must require authentication upon booting into rescue mode. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | ACCESS CONTROL |
RHEL-08-010162 - The krb5-workstation package must not be installed on RHEL 8. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
RHEL-08-010171 - RHEL 8 must have policycoreutils package installed. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
RHEL-08-010190 - A sticky bit must be set on all RHEL 8 public directories to prevent unauthorized and unintended information transferred via shared system resources. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
RHEL-08-010210 - The RHEL 8 /var/log/messages file must have mode 0640 or less permissive. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
RHEL-08-010260 - The RHEL 8 /var/log directory must be group-owned by root. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
RHEL-08-010320 - RHEL 8 system commands must be group-owned by root or a system account. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-010375 - RHEL 8 must restrict access to the kernel message buffer. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
RHEL-08-010383 - RHEL 8 must use the invoking user's password for privilege escalation when using 'sudo' - sudo. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | ACCESS CONTROL |
RHEL-08-010400 - RHEL 8 must implement certificate status checking for multifactor authentication. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
RHEL-08-010421 - RHEL 8 must clear the page allocator to prevent use-after-free attacks. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
RHEL-08-010471 - RHEL 8 must enable the hardware random number generator entropy gatherer service. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-010542 - RHEL 8 must use a separate file system for the system audit data path. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-010544 - RHEL 8 must use a separate file system for /var/tmp. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-010550 - RHEL 8 must not permit direct logons to the root account using remote access via SSH. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
RHEL-08-010590 - RHEL 8 must prevent code from being executed on file systems that contain user home directories. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-010630 - RHEL 8 must prevent code from being executed on file systems that are imported via Network File System (NFS). | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-010720 - All RHEL 8 local interactive users must have a home directory assigned in the /etc/passwd file. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-010730 - All RHEL 8 local interactive user home directories must have mode 0750 or less permissive. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-010780 - All RHEL 8 local files and directories must have a valid owner. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-010800 - A separate RHEL 8 filesystem must be used for user home directories (such as /home or an equivalent). | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-020000 - RHEL 8 temporary user accounts must be provisioned with an expiration time of 72 hours or less. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | ACCESS CONTROL |
RHEL-08-020013 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | ACCESS CONTROL |