DISA STIG Oracle Linux 6 v1r18

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA STIG Oracle Linux 6 v1r18

Updated: 5/27/2022

Authority: DISA STIG

Plugin: Unix

Revision: 1.8

Estimated Item Count: 414

File Details

Filename: DISA_STIG_Oracle_Linux_6_v1r18.audit

Size: 811 kB

MD5: 149dacc428adf59d7d0b7238a32d335b
SHA256: 4ede692e78610b5192731c78c036ff596700608b7fdf22334b633dea56e96c9d

Audit Changelog

 
Revision 1.8

May 27, 2022

Miscellaneous
  • Audit deprecated.
  • Metadata updated.
  • References updated.
Revision 1.7

Apr 25, 2022

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.6

Jul 30, 2021

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.5

Jun 17, 2021

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.4

Mar 22, 2021

Functional Update
  • OL6-00-000050 - The system must require passwords to contain a minimum of 15 characters - /etc/pam.d/*
  • OL6-00-000133 - All rsyslog-generated log files must be owned by root.
  • OL6-00-000134 - All rsyslog-generated log files must be group-owned by root.
  • OL6-00-000135 - All rsyslog-generated log files must have mode 0600 or less permissive.
Miscellaneous
  • References updated.
  • Variables updated.
Revision 1.3

Feb 1, 2021

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.2

Oct 5, 2020

Functional Update
  • OL6-00-000079 - The system must limit the ability of processes to have simultaneous write and execute access to memory.
  • OL6-00-000099 - The system must ignore ICMPv6 redirects by default.
  • OL6-00-000103 - The system must employ a local IPv6 firewall.
  • OL6-00-000106 - The operating system must connect to external networks or information systems only through managed IPv6 interfaces consisting of boundary protection devices arranged in accordance with an organizational security architecture.
  • OL6-00-000107 - The operating system must prevent public IPv6 access into an organizations internal networks, except as appropriately mediated by managed interfaces employing boundary protection devices.
  • OL6-00-000165 - The audit system must be configured to audit all attempts to alter system time through adjtimex - b64
  • OL6-00-000167 - The audit system must be configured to audit all attempts to alter system time through settimeofday - b64
  • OL6-00-000171 - The audit system must be configured to audit all attempts to alter system time through clock_settime - b64
  • OL6-00-000182 - The audit system must be configured to audit modifications to the systems network configuration - 'setdomainname'
  • OL6-00-000182 - The audit system must be configured to audit modifications to the systems network configuration - 'sethostname'
  • OL6-00-000184 - The audit system must be configured to audit all discretionary access control permission modifications using chmod - b64 auid=0
  • OL6-00-000184 - The audit system must be configured to audit all discretionary access control permission modifications using chmod - b64 auid>=500
  • OL6-00-000185 - The audit system must be configured to audit all discretionary access control permission modifications using chown - b64 auid=0
  • OL6-00-000185 - The audit system must be configured to audit all discretionary access control permission modifications using chown - b64 auid>=500
  • OL6-00-000186 - The audit system must be configured to audit all discretionary access control permission modifications using fchmod - b64 auid=0
  • OL6-00-000186 - The audit system must be configured to audit all discretionary access control permission modifications using fchmod - b64 auid>=500
  • OL6-00-000187 - The audit system must be configured to audit all discretionary access control permission modifications using fchmodat - b64 auid=0
  • OL6-00-000187 - The audit system must be configured to audit all discretionary access control permission modifications using fchmodat - b64 auid>=500
  • OL6-00-000188 - The audit system must be configured to audit all discretionary access control permission modifications using fchown - b64 auid=0
  • OL6-00-000188 - The audit system must be configured to audit all discretionary access control permission modifications using fchown - b64 auid>=500
  • OL6-00-000189 - The audit system must be configured to audit all discretionary access control permission modifications using fchownat - b64 auid=0
  • OL6-00-000189 - The audit system must be configured to audit all discretionary access control permission modifications using fchownat - b64 auid>=500
  • OL6-00-000190 - The audit system must be configured to audit all discretionary access control permission modifications using fremovexattr - b64 auid=0
  • OL6-00-000190 - The audit system must be configured to audit all discretionary access control permission modifications using fremovexattr - b64 auid>=500
  • OL6-00-000191 - The audit system must be configured to audit all discretionary access control permission modifications using fsetxattr - b64 auid=0
  • OL6-00-000191 - The audit system must be configured to audit all discretionary access control permission modifications using fsetxattr - b64 auid>=500
  • OL6-00-000192 - The audit system must be configured to audit all discretionary access control permission modifications using lchown - b64 auid=0
  • OL6-00-000192 - The audit system must be configured to audit all discretionary access control permission modifications using lchown - b64 auid>=500
  • OL6-00-000193 - The audit system must be configured to audit all discretionary access control permission modifications using lremovexattr - b64 auid=0
  • OL6-00-000193 - The audit system must be configured to audit all discretionary access control permission modifications using lremovexattr - b64 auid>=500
  • OL6-00-000194 - The audit system must be configured to audit all discretionary access control permission modifications using lsetxattr - b64 auid=0
  • OL6-00-000194 - The audit system must be configured to audit all discretionary access control permission modifications using lsetxattr - b64 auid>=500
  • OL6-00-000195 - The audit system must be configured to audit all discretionary access control permission modifications using removexattr - b64 auid=0
  • OL6-00-000195 - The audit system must be configured to audit all discretionary access control permission modifications using removexattr - b64 auid>=500
  • OL6-00-000196 - The audit system must be configured to audit all discretionary access control permission modifications using setxattr - b64 auid=0
  • OL6-00-000196 - The audit system must be configured to audit all discretionary access control permission modifications using setxattr - b64 auid>=500
  • OL6-00-000197 - The audit system must be configured to audit failed attempts to access files and programs - EACCES auid=0
  • OL6-00-000197 - The audit system must be configured to audit failed attempts to access files and programs - EACCES auid>=500
  • OL6-00-000197 - The audit system must be configured to audit failed attempts to access files and programs - EPERM auid=0
  • OL6-00-000197 - The audit system must be configured to audit failed attempts to access files and programs - EPERM auid>=500
  • OL6-00-000199 - The audit system must be configured to audit successful file system mounts - auid=0
  • OL6-00-000199 - The audit system must be configured to audit successful file system mounts - auid>=500
  • OL6-00-000200 - The audit system must be configured to audit user deletions of files and programs - 'rename' auid=0
  • OL6-00-000200 - The audit system must be configured to audit user deletions of files and programs - 'rename' auid>=500
  • OL6-00-000200 - The audit system must be configured to audit user deletions of files and programs - 'renameat' auid=0
  • OL6-00-000200 - The audit system must be configured to audit user deletions of files and programs - 'renameat' auid>=500
  • OL6-00-000200 - The audit system must be configured to audit user deletions of files and programs - 'rmdir' auid=0
  • OL6-00-000200 - The audit system must be configured to audit user deletions of files and programs - 'rmdir' auid>=500
  • OL6-00-000200 - The audit system must be configured to audit user deletions of files and programs - 'unlink' auid=0
  • OL6-00-000200 - The audit system must be configured to audit user deletions of files and programs - 'unlink' auid>=500
  • OL6-00-000200 - The audit system must be configured to audit user deletions of files and programs - 'unlinkat' auid=0
  • OL6-00-000200 - The audit system must be configured to audit user deletions of files and programs - 'unlinkat' auid>=500
  • OL6-00-000202 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules - delete_module
  • OL6-00-000202 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules - init_module
  • OL6-00-000257 - The graphical desktop environment must set the idle timeout to no more than 15 minutes.
  • OL6-00-000258 - The graphical desktop environment must automatically lock after 15 minutes of inactivity and the system must require user reauthentication to unlock the environment.
  • OL6-00-000259 - The graphical desktop environment must have automatic lock enabled.
  • OL6-00-000260 - The system must display a publicly-viewable pattern during a graphical desktop environment session lock.
  • OL6-00-000324 - A login banner must be displayed immediately prior to, or as part of, graphical desktop environment login prompts.
  • OL6-00-000326 - The Department of Defense (DoD) login banner must be displayed immediately prior to, or as part of, graphical desktop environment login prompts.
  • OL6-00-000338 - The TFTP daemon must operate in secure mode which provides access only to a single directory on the host file system.
  • OL6-00-000339 - The FTP daemon must be configured for logging or verbose mode - 'log_ftp_protocol'
  • OL6-00-000339 - The FTP daemon must be configured for logging or verbose mode - 'xferlog_enable'
  • OL6-00-000339 - The FTP daemon must be configured for logging or verbose mode - 'xferlog_std_format'
  • OL6-00-000348 - The FTPS/FTP service on the system must be configured with the Department of Defense (DoD) login banner.
  • OL6-00-000508 - The system must allow locking of graphical desktop sessions.
  • OL6-00-000523 - The systems local IPv6 firewall must implement a deny-all, allow-by-exception policy for inbound packets.
  • OL6-00-000527 - The login user list must be disabled.
  • OL6-00-000534 - The Oracle Linux 6 operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.
Miscellaneous
  • Platform check updated.
Revision 1.1

Sep 29, 2020

Miscellaneous
  • References updated.