Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.10 Add nodev Option to /homeCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-06-000182 - The audit system must be configured to audit modifications to the systems network configuration - setdomainname 64 bitDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000184 - The audit system must be configured to audit all discretionary access control permission modifications using chmod - auid=0 64 bitDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000189 - The audit system must be configured to audit all discretionary access control permission modifications using fchownat - auid=0 64 bitDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000191 - The audit system must be configured to audit all discretionary access control permission modifications using fsetxattr - auid>=500 32 bitDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000191 - The audit system must be configured to audit all discretionary access control permission modifications using fsetxattr - auid>=500 64 bitDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000194 - The audit system must be configured to audit all discretionary access control permission modifications using lsetxattr - auid=0 32 bitDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000195 - The audit system must be configured to audit all discretionary access control permission modifications using removexattr - auid=0 64 bitDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000196 - The audit system must be configured to audit all discretionary access control permission modifications using setxattr - auid>=500 64 bitDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000197 - The audit system must be configured to audit failed attempts to access files and programs - EACCESDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000197 - The audit system must be configured to audit failed attempts to access files and programs - EPERMDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000199 - The audit system must be configured to audit successful file system mounts - auid>=500 32 bitDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000200 - The audit system must be configured to audit user deletions of files and programs - renameat 64 bitDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000202 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules - /sbin/insmod.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000202 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules - delete_module 32 bitDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000202 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules - delete_module 64 bitDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000202 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules - init_module 64 bitDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000203 - The xinetd service must be disabled if no network services utilizing it are enabled - CHKCONFIG.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000223 - The TFTP service must not be running.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000224 - The cron service must be running - CHKCONFIG.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000230 - The SSH daemon must set a timeout interval on idle sessions.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-06-000243 - The RHEL 6 operating system must implement DoD-approved encryption to protect the confidentiality of SSH connections.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000272 - The system must use SMB client signing for connecting to samba servers using smbclient.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000286 - The x86 Ctrl-Alt-Delete key sequence must be disabled.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000287 - The postfix service must be enabled for mail delivery.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000289 - The netconsole service must be disabled unless required - 'Running'.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000290 - X Windows must not be enabled unless required.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000293 - Wireless network adapters must be disabled.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-06-000297 - Temporary accounts must be provisioned with an expiration date.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000303 - The operating system must employ automated mechanisms, per organization defined frequency, to detect the addition of unauthorized components/devices into the operating system.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000307 - The operating system must ensure unauthorized, security-relevant configuration changes detected are tracked.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000308 - Process core dumps must be disabled unless needed.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000315 - The Bluetooth kernel module must be disabled - 'bluetooth'DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000315 - The Bluetooth kernel module must be disabled - 'net-pf-31'DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000319 - The system must limit users to 10 simultaneous system logins, or a site-defined number, in accordance with operational requirements.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000337 - All public directories must be owned by a system account.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000339 - The FTP daemon must be configured for logging or verbose mode - 'log_ftp_protocol = yes'.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000340 - The snmpd service must use only SNMP protocol version 3 or newer.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000341 - The snmpd service must not use a default password.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000344 - The system default umask in /etc/profile must be 077.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000347 - There must be no .netrc files on the system.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-06-000348 - The FTPS/FTP service on the system must be configured with the Department of Defense (DoD) login banner.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000356 - The system must require administrator action to unlock an account locked by excessive failed login attempts - 'password-auth auth [default=die]'DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000356 - The system must require administrator action to unlock an account locked by excessive failed login attempts - 'system-auth auth [default=die]'DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000385 - Audit log directories must have mode 0755 or less permissive.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000521 - The mail system must forward all mail for root to one or more system administrators.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000529 - The sudo command must require authentication - /etc/sudoers.d/* !authenticateDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-06-000534 - The Red Hat Enterprise Linux operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards - procDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-07-020050 - The Red Hat Enterprise Linux operating system must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-040500 - The Red Hat Enterprise Linux operating system must, for networked systems, synchronize clocks with a server that is synchronized to one of the redundant United States Naval Observatory (USNO) time servers, a time server designated for the appropriate DoD network (NIPRNet/SIPRNet), and/or the Global Positioning System (GPS).DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY