DISA Amazon Linux 2023 STIG v1r1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

Audit Details

Name: DISA Amazon Linux 2023 STIG v1r1

Updated: 2/13/2026

Authority: DISA STIG

Plugin: Unix

Revision: 1.1

Estimated Item Count: 193

File Details

Filename: DISA_STIG_Amazon_Linux_2023_v1r1.audit

Size: 371 kB

MD5: 7b6e6ab86c9d7f3e52685cf9087c2e8d
SHA256: 62b5f57116cb168cf7aae8eb5f20160b82c3816ba83fb6b463d8dc2008849621

Audit Items

Description | Categories
AZLX-23-000100 - Amazon Linux 2023 local disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at rest protection.
AZLX-23-000110 - Amazon Linux 2023 must ensure cryptographic verification of vendor software packages.
AZLX-23-000115 - Amazon Linux 2023 must check the GPG signature of locally installed software packages before installation.
AZLX-23-000120 - Amazon Linux 2023 must check the GPG signature of software packages originating from external software repositories before installation.
AZLX-23-000125 - Amazon Linux 2023 must have GPG signature verification enabled for all software repositories.
AZLX-23-000130 - Amazon Linux 2023 must be a vendor-supported release.
AZLX-23-000135 - Amazon Linux 2023 systemd-journald service must be enabled.
AZLX-23-000200 - Amazon Linux 2023 must restrict access to the kernel message buffer.
AZLX-23-000205 - Amazon Linux 2023 must prevent kernel profiling by nonprivileged users.
AZLX-23-000210 - Amazon Linux 2023 must restrict exposed kernel pointer addresses access.
AZLX-23-000215 - Amazon Linux 2023 must disable access to network bpf system call from nonprivileged processes.
AZLX-23-000220 - Amazon Linux 2023 must restrict usage of ptrace to descendant processes.
AZLX-23-000225 - Amazon Linux 2023 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution.
AZLX-23-000300 - Amazon Linux 2023 must not have the vsftpd package installed.
AZLX-23-000305 - Amazon Linux 2023 must not have the sendmail package installed.
AZLX-23-000310 - Amazon Linux 2023 must not have the nfs-utils package installed.
AZLX-23-000315 - Amazon Linux 2023 must not have the telnet-server package installed.
AZLX-23-000320 - Amazon Linux 2023 must not have the gssproxy package installed.
AZLX-23-001000 - Amazon Linux 2023 must have the sudo package installed.
AZLX-23-001005 - Amazon Linux 2023 must not be configured to bypass password requirements for privilege escalation.
AZLX-23-001010 - Amazon Linux 2023 must require reauthentication when using the "sudo" command.
AZLX-23-001015 - Amazon Linux 2023 must require users to reauthenticate for privilege escalation.
AZLX-23-001020 - Amazon Linux 2023 must require users to provide a password for privilege escalation.
AZLX-23-001025 - Amazon Linux 2023 must have the audit package installed.
AZLX-23-001030 - Amazon Linux 2023 must produce audit records containing information to establish what type of events occurred.
AZLX-23-001035 - Amazon Linux 2023 audispd-plugins package must be installed.
AZLX-23-001040 - Amazon Linux 2023 must have the rsyslog package installed.
AZLX-23-001045 - Amazon Linux 2023 must monitor remote access methods.
AZLX-23-001050 - Amazon Linux 2023 must have the chrony package installed.
AZLX-23-001055 - Amazon Linux 2023 chronyd service must be enabled.
AZLX-23-001060 - Amazon Linux 2023 must have the Advanced Intrusion Detection Environment (AIDE) package installed.
AZLX-23-001065 - Amazon Linux 2023 must routinely check the baseline configuration for unauthorized changes and notify the system administrator when anomalies in the operation of any security functions are discovered.
AZLX-23-001070 - Amazon Linux 2023 must use cryptographic mechanisms to protect the integrity of audit tools.
AZLX-23-001075 - Amazon Linux 2023 must have the firewalld package installed.
AZLX-23-001080 - Amazon Linux 2023 must have the firewalld service active.
AZLX-23-001085 - Amazon Linux 2023 must be configured to disable nonessential capabilities.
AZLX-23-001090 - Amazon Linux 2023 must manage excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of denial-of-service (DoS) attacks.
AZLX-23-001095 - Amazon Linux 2023 must have the s-nail package installed.
AZLX-23-001105 - Amazon Linux 2023 must have the libreswan package installed.
AZLX-23-001110 - Amazon Linux 2023 must have the policycoreutils package installed.
AZLX-23-001115 - Amazon Linux 2023 must have the pcsc-lite package installed.
AZLX-23-001120 - Amazon Linux 2023 must have the packages required for encrypting off-loaded audit logs installed.
AZLX-23-001125 - Amazon Linux 2023 must have the opensc package installed.
AZLX-23-001130 - Amazon Linux 2023 must have the openssl-pkcs11 package installed.
AZLX-23-001180 - Amazon Linux 2023 must have SSH installed.
AZLX-23-001185 - Amazon Linux 2023 must implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.
AZLX-23-001195 - Amazon Linux 2023 must have the crypto-policies package installed.
AZLX-23-001200 - Amazon Linux 2023 SSH server must be configured to use systemwide crypto policies.
AZLX-23-001205 - Amazon Linux 2023 server must be configured to use only DOD-approved encryption ciphers employing FIPS 140-2/140-3 validated cryptographic hash algorithms to protect the confidentiality of SSH server connections.
AZLX-23-001210 - Amazon Linux 2023 SSH server must be configured to use only Message Authentication Codes (MACs) employing FIPS 140-2/140-3 validated cryptographic hash algorithms to protect the confidentiality of SSH server connections.