Detections
Analytics

Item Search

NameAudit NamePluginCategory
RHEL-08-020012 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

ACCESS CONTROL

RHEL-08-020026 - RHEL 8 must configure the use of the pam_faillock.so module in the /etc/pam.d/password-auth file.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

ACCESS CONTROL

RHEL-08-020030 - RHEL 8 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for graphical user sessions.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

ACCESS CONTROL

RHEL-08-020100 - RHEL 8 must ensure the password complexity module is enabled in the password-auth file.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

CONFIGURATION MANAGEMENT

RHEL-08-020300 - RHEL 8 must prevent the use of dictionary words for passwords.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

CONFIGURATION MANAGEMENT

RHEL-08-020310 - RHEL 8 must enforce a delay of at least four seconds between logon prompts following a failed logon attempt.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

CONFIGURATION MANAGEMENT

RHEL-08-020350 - RHEL 8 must display the date and time of the last successful account logon upon an SSH logon.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

ACCESS CONTROL

RHEL-08-030020 - The RHEL 8 System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) must be alerted of an audit processing failure event.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

AUDIT AND ACCOUNTABILITY

RHEL-08-030130 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

AUDIT AND ACCOUNTABILITY

RHEL-08-030172 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

AUDIT AND ACCOUNTABILITY

RHEL-08-030180 - The RHEL 8 audit package must be installed.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

AUDIT AND ACCOUNTABILITY

RHEL-08-030181 - RHEL 8 audit records must contain information to establish what type of events occurred, the source of events, where events occurred, and the outcome of events.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

AUDIT AND ACCOUNTABILITY

RHEL-08-030190 - Successful/unsuccessful uses of the su command in RHEL 8 must generate an audit record.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

AUDIT AND ACCOUNTABILITY

RHEL-08-030313 - Successful/unsuccessful uses of semanage in RHEL 8 must generate an audit record.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

AUDIT AND ACCOUNTABILITY

RHEL-08-030330 - Successful/unsuccessful uses of the setfacl command in RHEL 8 must generate an audit record.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

AUDIT AND ACCOUNTABILITY

RHEL-08-030340 - Successful/unsuccessful uses of the pam_timestamp_check command in RHEL 8 must generate an audit record.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

AUDIT AND ACCOUNTABILITY

RHEL-08-030400 - Successful/unsuccessful uses of the crontab command in RHEL 8 must generate an audit record.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

AUDIT AND ACCOUNTABILITY

RHEL-08-030610 - RHEL 8 must allow only the Information System Security Manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

AUDIT AND ACCOUNTABILITY

RHEL-08-030640 - RHEL 8 audit tools must be group-owned by root.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

AUDIT AND ACCOUNTABILITY

RHEL-08-040020 - RHEL 8 must cover or disable the built-in or attached camera when not in use.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

CONFIGURATION MANAGEMENT

RHEL-08-040030 - RHEL 8 must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services, as defined in the Ports, Protocols, and Services Management (PPSM) Category Assignments List (CAL) and vulnerability assessments.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

CONFIGURATION MANAGEMENT

RHEL-08-040070 - The RHEL 8 file system automounter must be disabled unless required.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-08-040080 - RHEL 8 must be configured to disable USB mass storage.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-08-040150 - A firewall must be able to protect against or limit the effects of Denial of Service (DoS) attacks by ensuring RHEL 8 can implement rate-limiting measures on impacted network interfaces.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-08-040240 - RHEL 8 must not forward IPv6 source-routed packets.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

CONFIGURATION MANAGEMENT

RHEL-08-040250 - RHEL 8 must not forward IPv6 source-routed packets by default.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

CONFIGURATION MANAGEMENT

RHEL-08-040260 - RHEL 8 must not enable IPv6 packet forwarding unless the system is a router.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

CONFIGURATION MANAGEMENT

RHEL-08-040261 - RHEL 8 must not accept router advertisements on all IPv6 interfaces.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

CONFIGURATION MANAGEMENT

RHEL-08-040285 - RHEL 8 must use reverse path filtering on all IPv4 interfaces.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

CONFIGURATION MANAGEMENT

RHEL-08-040286 - RHEL 8 must enable hardening for the Berkeley Packet Filter Just-in-time compiler.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

CONFIGURATION MANAGEMENT

RHEL-08-040290 - RHEL 8 must be configured to prevent unrestricted mail relaying.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

CONFIGURATION MANAGEMENT

RHEL-08-040321 - The graphical display manager must not be the default target on RHEL 8 unless approved.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

CONFIGURATION MANAGEMENT

RHEL-08-040350 - If the Trivial File Transfer Protocol (TFTP) server is required, the RHEL 8 TFTP daemon must be configured to operate in secure mode.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

CONFIGURATION MANAGEMENT

RHEL-08-040390 - The tuned package must not be installed unless mission essential on RHEL 8.DISA Red Hat Enterprise Linux 8 STIG v2r4Unix

CONFIGURATION MANAGEMENT

UBTU-22-232010 - Ubuntu 22.04 LTS must have directories that contain system commands set to a mode of "755" or less permissive.DISA Canonical Ubuntu 22.04 LTS STIG v2r5Unix

AUDIT AND ACCOUNTABILITY

UBTU-22-232026 - Ubuntu 22.04 LTS must generate error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.DISA Canonical Ubuntu 22.04 LTS STIG v2r5Unix

SYSTEM AND INFORMATION INTEGRITY

UBTU-22-232027 - Ubuntu 22.04 LTS must generate system journal entries without revealing information that could be exploited by adversaries.DISA Canonical Ubuntu 22.04 LTS STIG v2r5Unix

SYSTEM AND INFORMATION INTEGRITY

UBTU-22-232085 - Ubuntu 22.04 LTS must configure the directories used by the system journal to be group-owned by "systemd-journal".DISA Canonical Ubuntu 22.04 LTS STIG v2r5Unix

SYSTEM AND INFORMATION INTEGRITY

UBTU-22-232105 - Ubuntu 22.04 LTS must be configured so that the "journalctl" command is group-owned by "root".DISA Canonical Ubuntu 22.04 LTS STIG v2r5Unix

SYSTEM AND INFORMATION INTEGRITY

UBTU-22-232130 - Ubuntu 22.04 LTS must configure "/var/log/syslog" file to be owned by "syslog".DISA Canonical Ubuntu 22.04 LTS STIG v2r5Unix

SYSTEM AND INFORMATION INTEGRITY

UBTU-22-251025 - Ubuntu 22.04 LTS must configure the Uncomplicated Firewall (ufw) to rate-limit impacted network interfaces.DISA Canonical Ubuntu 22.04 LTS STIG v2r5Unix

SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-22-251030 - Ubuntu 22.04 LTS must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments.DISA Canonical Ubuntu 22.04 LTS STIG v2r5Unix

CONFIGURATION MANAGEMENT

UBTU-22-255035 - Ubuntu 22.04 LTS must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.DISA Canonical Ubuntu 22.04 LTS STIG v2r5Unix

SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-22-271010 - Ubuntu 22.04 LTS must enable the graphical user logon banner to display the Standard Mandatory DOD Notice and Consent Banner before granting local access to the system via a graphical user logon.DISA Canonical Ubuntu 22.04 LTS STIG v2r5Unix

ACCESS CONTROL

UBTU-22-271015 - Ubuntu 22.04 LTS must display the Standard Mandatory DOD Notice and Consent Banner before granting local access to the system via a graphical user logon.DISA Canonical Ubuntu 22.04 LTS STIG v2r5Unix

ACCESS CONTROL

UBTU-22-653075 - Ubuntu 22.04 LTS must permit only authorized groups to own the audit configuration files.DISA Canonical Ubuntu 22.04 LTS STIG v2r5Unix

AUDIT AND ACCOUNTABILITY

UBTU-22-654055 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful attempts to use the kmod command.DISA Canonical Ubuntu 22.04 LTS STIG v2r5Unix

AUDIT AND ACCOUNTABILITY

UBTU-22-654060 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful attempts to use modprobe command.DISA Canonical Ubuntu 22.04 LTS STIG v2r5Unix

AUDIT AND ACCOUNTABILITY

UBTU-22-654065 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the mount command.DISA Canonical Ubuntu 22.04 LTS STIG v2r5Unix

AUDIT AND ACCOUNTABILITY

UBTU-22-654070 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the newgrp command.DISA Canonical Ubuntu 22.04 LTS STIG v2r5Unix

AUDIT AND ACCOUNTABILITY