RHEL-08-040126 - RHEL 8 must mount /var/log with the nodev option. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-040127 - RHEL 8 must mount /var/log with the nosuid option. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-040131 - RHEL 8 must mount /var/log/audit with the noexec option. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-040171 - The x86 Ctrl-Alt-Delete key sequence in RHEL 8 must be disabled if a graphical user interface is installed. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-040172 - The systemd Ctrl-Alt-Delete burst key sequence in RHEL 8 must be disabled. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-040230 - RHEL 8 must not respond to Internet Control Message Protocol (ICMP) echoes sent to a broadcast address. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-040239 - RHEL 8 must not forward IPv4 source-routed packets. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-040240 - RHEL 8 must not forward IPv6 source-routed packets. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-040249 - RHEL 8 must not forward IPv4 source-routed packets by default. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-040260 - RHEL 8 must not enable IPv6 packet forwarding unless the system is a router. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-040285 - RHEL 8 must use reverse path filtering on all IPv4 interfaces. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-040290 - RHEL 8 must be configured to prevent unrestricted mail relaying. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-040341 - The RHEL 8 SSH daemon must prevent remote hosts from connecting to the proxy display. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-211015 - RHEL 9 vendor packaged system security patches and updates must be installed and up to date. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-211020 - RHEL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a command line user logon. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | ACCESS CONTROL |
RHEL-09-211040 - RHEL 9 systemd-journald service must be enabled. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
RHEL-09-211055 - RHEL 9 debug-shell systemd service must be disabled. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | ACCESS CONTROL |
RHEL-09-212015 - RHEL 9 must disable the ability of systemd to spawn an interactive boot process. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-212040 - RHEL 9 must clear the page allocator to prevent use-after-free attacks. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
RHEL-09-213025 - RHEL 9 must restrict exposed kernel pointer addresses access. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
RHEL-09-213030 - RHEL 9 must enable kernel parameters to enforce discretionary access control on hardlinks. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | ACCESS CONTROL |
RHEL-09-213065 - RHEL 9 must disable the Transparent Inter Process Communication (TIPC) kernel module. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-214035 - RHEL 9 must remove all software components after updated versions have been installed. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
RHEL-09-215020 - RHEL 9 must not have the sendmail package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-215055 - RHEL 9 must not have the tuned package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-231015 - RHEL 9 must use a separate file system for /tmp. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-231075 - RHEL 9 must prevent files with the setuid and setgid bit set from being executed on file systems that are imported via Network File System (NFS). | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-231110 - RHEL 9 must mount /dev/shm with the nodev option. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-231115 - RHEL 9 must mount /dev/shm with the noexec option. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-231125 - RHEL 9 must mount /tmp with the nodev option. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-231155 - RHEL 9 must mount /var/log with the nosuid option. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-231160 - RHEL 9 must mount /var/log/audit with the nodev option. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-232095 - RHEL 9 /etc/group file must be group-owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-232105 - RHEL 9 /etc/group- file must be group-owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-232150 - RHEL 9 /etc/shadow file must be owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-251020 - A RHEL 9 firewall must employ a deny-all, allow-by-exception policy for allowing connections to other systems. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-251030 - RHEL 9 must protect against or limit the effects of denial-of-service (DoS) attacks by ensuring rate-limiting measures on impacted network interfaces are implemented. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
RHEL-09-252035 - RHEL 9 systems using Domain Name Servers (DNS) resolution must have at least two name servers configured. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-252045 - RHEL 9 must not have unauthorized IP tunnels configured. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-252050 - RHEL 9 must be configured to prevent unrestricted mail relaying. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-253020 - RHEL 9 must not forward Internet Protocol version 4 (IPv4) source-routed packets. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-254025 - RHEL 9 must not enable IPv6 packet forwarding unless the system is a router. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-255015 - All RHEL 9 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
RHEL-09-255040 - RHEL 9 SSHD must not allow blank passwords. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
RHEL-09-255100 - RHEL 9 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
RHEL-09-255125 - RHEL 9 SSH public host key files must have mode 0644 or less permissive. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-255135 - RHEL 9 SSH daemon must not allow GSSAPI authentication. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-255175 - RHEL 9 SSH daemon must prevent remote hosts from connecting to the proxy display. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-271010 - RHEL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a graphical user logon. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | ACCESS CONTROL |
RHEL-09-271030 - RHEL 9 must disable the graphical user interface autorun function unless required. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |