Detections
Analytics

Item Search

NameAudit NamePluginCategory
5.3.9 Collect Login and Logout Events - /var/log/btmpCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

6.1.1 Enable anacron DaemonCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

CONFIGURATION MANAGEMENT

RHEL-09-211030 - The graphical display manager must not be the default target on RHEL 9 unless approved.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-212010 - RHEL 9 must require a boot loader superuser password.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

ACCESS CONTROL

RHEL-09-212055 - RHEL 9 must enable auditing of processes that start prior to the audit daemon.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-09-213015 - RHEL 9 must prevent kernel profiling by nonprivileged users.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-09-213040 - RHEL 9 must disable the kernel.core_pattern.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-213050 - RHEL 9 must be configured to disable the Controller Area Network kernel module.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-213085 - RHEL 9 must disable core dump backtraces.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-215025 - RHEL 9 must not have the nfs-utils package installed.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-215035 - RHEL 9 must not have the rsh-server package installed.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-215040 - RHEL 9 must not have the telnet-server package installed.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-215045 - RHEL 9 must not have the gssproxy package installed.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-215050 - RHEL 9 must not have the iprutils package installed.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-215070 - A graphical display manager must not be installed on RHEL 9 unless approved.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-215075 - RHEL 9 must have the openssl-pkcs11 package installed.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-09-215085 - RHEL 9 must have the nss-tools package installed.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-231010 - A separate RHEL 9 file system must be used for user home directories (such as /home or an equivalent).DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-231025 - RHEL 9 must use a separate file system for /var/log.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-231045 - RHEL 9 must prevent device files from being interpreted on file systems that contain user home directories.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-231130 - RHEL 9 must mount /tmp with the noexec option.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-231185 - RHEL 9 must mount /var/tmp with the nosuid option.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-231195 - RHEL 9 must disable mounting of cramfs.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-232010 - RHEL 9 system commands must have mode 755 or less permissive.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-232035 - RHEL 9 audit tools must have a mode of 0755 or less permissive.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

AUDIT AND ACCOUNTABILITY

RHEL-09-232050 - All RHEL 9 local interactive user home directories must have mode 0750 or less permissive.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-232085 - RHEL 9 /etc/shadow- file must have mode 0000 or less permissive to prevent unauthorized access.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-232090 - RHEL 9 /etc/group file must be owned by root.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-232120 - RHEL 9 /etc/gshadow- file must be owned by root.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-232130 - RHEL 9 /etc/passwd file must be owned by root.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-232135 - RHEL 9 /etc/passwd file must be group-owned by root.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-232180 - RHEL 9 /var/log/messages file must be owned by root.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

SYSTEM AND INFORMATION INTEGRITY

RHEL-09-232190 - RHEL 9 system commands must be owned by root.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-232215 - RHEL 9 library directories must be group-owned by root or a system account.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-232225 - RHEL 9 audit tools must be group-owned by root.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

AUDIT AND ACCOUNTABILITY

RHEL-09-232235 - RHEL 9 cron configuration files directory must be group-owned by root.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-232250 - All RHEL 9 local files and directories must have a valid group owner.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-251010 - RHEL 9 must have the firewalld package installed.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

RHEL-09-251015 - The firewalld service on RHEL 9 must be active.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

RHEL-09-252020 - RHEL 9 must securely compare internal information system clocks at least every 24 hours.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

AUDIT AND ACCOUNTABILITY

RHEL-09-252030 - RHEL 9 must disable network management of the chrony daemon.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-252060 - RHEL 9 must forward mail from postmaster to the root account using a postfix alias.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

AUDIT AND ACCOUNTABILITY

RHEL-09-253025 - RHEL 9 must log IPv4 packets with impossible addresses.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-253055 - RHEL 9 must not respond to Internet Control Message Protocol (ICMP) echoes sent to a broadcast address.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-253070 - RHEL 9 must not allow interfaces to perform Internet Control Message Protocol (ICMP) redirects by default.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-253075 - RHEL 9 must not enable IPv4 packet forwarding unless the system is a router.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-09-255055 - RHEL 9 SSH daemon must be configured to use system-wide crypto policies.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

ACCESS CONTROL

RHEL-09-255075 - The RHEL 9 SSH server must be configured to use only Message Authentication Codes (MACs) employing FIPS 140-3 validated cryptographic hash algorithms to protect the confidentiality of SSH server connections.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

ACCESS CONTROL

RHEL-09-255095 - RHEL 9 must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-09-255160 - RHEL 9 SSH daemon must perform strict mode checking of home directory configuration files.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

CONFIGURATION MANAGEMENT