4.1.4.1 Ensure Audit logs are owned by root and mode 0600 or less permissive | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
AIX7-00-002070 - AIX log files must be owned by a system account. | DISA STIG AIX 7.x v3r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
AIX7-00-003006 - AIX log files must have mode 0640 or less permissive. | DISA STIG AIX 7.x v3r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
AIX7-00-003007 - AIX log files must not have extended ACLs, except as needed to support authorized software. | DISA STIG AIX 7.x v3r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
AOSX-14-000030 - The macOS system must be configured so that log files must not contain access control lists (ACLs). | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
AOSX-14-004002 - The macOS system must be configured with system log files set to mode 640 or less permissive - Newsyslog | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
AOSX-15-000030 - The macOS system must be configured so that log files must not contain access control lists (ACLs). | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
DKER-EE-001170 - A policy set using the built-in role-based access control (RBAC) capabilities in the Universal Control Plane (UCP) component of Docker Enterprise must be configured. | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - repositoryAccess | DISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - team member access | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
EP11-00-006600 - The EDB Postgres Advanced Server must reveal detailed error messages only to the ISSO, ISSM, SA, and DBA. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
F5BI-DM-000151 - The application must be configured to reveal error messages only to authorized individuals (ISSO, ISSM, and SA). | DISA F5 BIG-IP Device Management STIG v2r3 | F5 | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
JUSX-DM-000022 - The Juniper SRX Services Gateway must generate alerts to the management console and generate a log record that can be forwarded to the ISSO and designated system administrators when the local accounts (i.e., the account of last resort or root account) are deleted. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
O121-C2-020000 - The DBMS must restrict error messages so only authorized personnel may view them. | DISA STIG Oracle 12c v3r1 Database | OracleDB | SYSTEM AND INFORMATION INTEGRITY |
OL6-00-000133 - All rsyslog-generated log files must be owned by root. | DISA STIG Oracle Linux 6 v2r7 | Unix | SYSTEM AND INFORMATION INTEGRITY |
OL07-00-910055 - The Oracle Linux operating system must protect audit information from unauthorized read, modification, or deletion. | DISA Oracle Linux 7 STIG v2r14 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
PANW-AG-000127 - The Palo Alto Networks security platform must block traceroutes and ICMP probes originating from untrusted networks (e.g., ISP and other non-DoD networks). | DISA STIG Palo Alto ALG v3r1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
PANW-NM-000075 - Administrators in the role of Security Administrator, Cryptographic Administrator, or Audit Administrator must not also have the role of Audit Administrator. | DISA STIG Palo Alto NDM v3r1 | Palo_Alto | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
PGS9-00-002500 - PostgreSQL must reveal detailed error messages only to the ISSO, ISSM, SA and DBA. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
RHEL-06-000135 - All rsyslog-generated log files must have mode 0600 or less permissive. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
RHEL-07-910055 - The Red Hat Enterprise Linux operating system must protect audit information from unauthorized read, modification, or deletion. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
RHEL-09-653080 - RHEL 9 audit logs must be group-owned by root or by a restricted logging group to prevent unauthorized read access. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
RHEL-09-653085 - RHEL 9 audit log directory must be owned by root to prevent unauthorized read access. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
RHEL-09-653090 - RHEL 9 audit logs file must have mode 0600 or less permissive to prevent unauthorized access to the audit log. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
TCAT-AS-000930 - Default error pages for manager application must be customized. | DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
TCAT-AS-000940 - ErrorReportValve showReport must be set to false. | DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
UBTU-16-020090 - Audit logs must have a mode of 0600 or less permissive to prevent unauthorized read access. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
UBTU-16-020120 - Audit logs must be group-owned by root to prevent unauthorized read access. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
UBTU-18-010123 - The Ubuntu operating system must configure the /var/log directory to be owned by root. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | SYSTEM AND INFORMATION INTEGRITY |
UBTU-18-010124 - The Ubuntu operating system must configure the /var/log directory to have mode 0755 or less permissive. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | SYSTEM AND INFORMATION INTEGRITY |
UBTU-18-010127 - The Ubuntu operating system must configure /var/log/syslog file with mode 0640 or less permissive. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | SYSTEM AND INFORMATION INTEGRITY |
WBSP-AS-000070 - The WebSphere Application Server security auditing must be enabled. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
WBSP-AS-000070 - The WebSphere Application Server security auditing must be enabled. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
WBSP-AS-000070 - The WebSphere Application Server security auditing must be enabled. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |