| DISA_STIG_RHEL_6_v2r2.audit from DISA Red Hat Enterprise Linux 6 v2r2 STIG | |
| RHEL-06-000001 - The system must use a separate file system for /tmp. | CONFIGURATION MANAGEMENT |
| RHEL-06-000002 - The system must use a separate file system for /var. | CONFIGURATION MANAGEMENT |
| RHEL-06-000003 - The system must use a separate file system for /var/log. | CONFIGURATION MANAGEMENT |
| RHEL-06-000004 - The system must use a separate file system for the system audit data path. | CONFIGURATION MANAGEMENT |
| RHEL-06-000005 - The audit system must alert designated staff members when the audit storage volume approaches capacity. | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000007 - The system must use a separate file system for user home directories. | CONFIGURATION MANAGEMENT |
| RHEL-06-000008 - Vendor-provided cryptographic certificates must be installed to verify the integrity of system software. | CONFIGURATION MANAGEMENT |
| RHEL-06-000009 - The Red Hat Network Service (rhnsd) service must not be running, unless using RHN or an RHN Satellite - 'CHKCONFIG'. | CONFIGURATION MANAGEMENT |
| RHEL-06-000009 - The Red Hat Network Service (rhnsd) service must not be running, unless using RHN or an RHN Satellite - 'PROCESS_CHECK'. | CONFIGURATION MANAGEMENT |
| RHEL-06-000010 - The Red Hat Enterprise Linux operating system must be a vendor-supported release. | CONFIGURATION MANAGEMENT |
| RHEL-06-000011 - System security patches and updates must be installed and up-to-date. | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-06-000013 - The system package management tool must cryptographically verify the authenticity of system software packages during installation. | CONFIGURATION MANAGEMENT |
| RHEL-06-000015 - The system package management tool must cryptographically verify the authenticity of all software packages during installation. | CONFIGURATION MANAGEMENT |
| RHEL-06-000016 - A file integrity tool must be installed. | CONFIGURATION MANAGEMENT |
| RHEL-06-000017 - The system must use a Linux Security Module at boot time. | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-06-000018 - A file integrity baseline must be created. | CONFIGURATION MANAGEMENT |
| RHEL-06-000019 - There must be no .rhosts or hosts.equiv files on the system - /etc/hosts.equiv. | CONFIGURATION MANAGEMENT |
| RHEL-06-000019 - There must be no .rhosts or hosts.equiv files on the system - ~/.rhosts. | CONFIGURATION MANAGEMENT |
| RHEL-06-000020 - The system must use a Linux Security Module configured to enforce limits on system services. | ACCESS CONTROL |
| RHEL-06-000021 - The Red Hat Enterprise Linux operating system must not contain .shosts or shosts.equiv files. | CONFIGURATION MANAGEMENT |
| RHEL-06-000023 - The system must use a Linux Security Module configured to limit the privileges of system services. | ACCESS CONTROL |
| RHEL-06-000025 - All device files must be monitored by the system Linux Security Module. | ACCESS CONTROL |
| RHEL-06-000027 - The system must prevent the root account from logging in from virtual consoles. | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000028 - The system must prevent the root account from logging in from serial consoles. | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000029 - Default operating system accounts, other than root, must be locked. | CONFIGURATION MANAGEMENT |
| RHEL-06-000030 - The system must not have accounts configured with blank or null passwords - password-auth. | CONFIGURATION MANAGEMENT |
| RHEL-06-000030 - The system must not have accounts configured with blank or null passwords - system-auth. | CONFIGURATION MANAGEMENT |
| RHEL-06-000031 - The /etc/passwd file must not contain password hashes. | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000032 - The root account must be the only account having a UID of 0. | CONFIGURATION MANAGEMENT |
| RHEL-06-000033 - The /etc/shadow file must be owned by root. | CONFIGURATION MANAGEMENT |
| RHEL-06-000034 - The /etc/shadow file must be group-owned by root. | CONFIGURATION MANAGEMENT |
| RHEL-06-000035 - The /etc/shadow file must have mode 0000. | CONFIGURATION MANAGEMENT |
| RHEL-06-000036 - The /etc/gshadow file must be owned by root. | CONFIGURATION MANAGEMENT |
| RHEL-06-000037 - The /etc/gshadow file must be group-owned by root. | CONFIGURATION MANAGEMENT |
| RHEL-06-000038 - The /etc/gshadow file must have mode 0000. | CONFIGURATION MANAGEMENT |
| RHEL-06-000039 - The /etc/passwd file must be owned by root. | CONFIGURATION MANAGEMENT |
| RHEL-06-000040 - The /etc/passwd file must be group-owned by root. | CONFIGURATION MANAGEMENT |
| RHEL-06-000041 - The /etc/passwd file must have mode 0644 or less permissive. | CONFIGURATION MANAGEMENT |
| RHEL-06-000042 - The /etc/group file must be owned by root. | CONFIGURATION MANAGEMENT |
| RHEL-06-000043 - The /etc/group file must be group-owned by root. | CONFIGURATION MANAGEMENT |
| RHEL-06-000044 - The /etc/group file must have mode 0644 or less permissive. | CONFIGURATION MANAGEMENT |
| RHEL-06-000045 - Library files must have mode 0755 or less permissive - '/lib/*'. | CONFIGURATION MANAGEMENT |
| RHEL-06-000045 - Library files must have mode 0755 or less permissive - '/lib64/*'. | CONFIGURATION MANAGEMENT |
| RHEL-06-000045 - Library files must have mode 0755 or less permissive - '/usr/lib/*'. | CONFIGURATION MANAGEMENT |
| RHEL-06-000045 - Library files must have mode 0755 or less permissive - '/usr/lib64/*'. | CONFIGURATION MANAGEMENT |
| RHEL-06-000046 - Library files must be owned by a system account - '/lib/*'. | CONFIGURATION MANAGEMENT |
| RHEL-06-000046 - Library files must be owned by a system account - '/lib64/*'. | CONFIGURATION MANAGEMENT |
| RHEL-06-000046 - Library files must be owned by a system account - '/usr/lib/*'. | CONFIGURATION MANAGEMENT |
| RHEL-06-000046 - Library files must be owned by a system account - '/usr/lib64/*'. | CONFIGURATION MANAGEMENT |
