Detections
Analytics

DISA Red Hat Enterprise Linux 8 STIG v1r11

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA Red Hat Enterprise Linux 8 STIG v1r11

Updated: 1/7/2024

Authority: DISA STIG

Plugin: Unix

Revision: 1.3

Estimated Item Count: 442

Audit Items

DescriptionCategories
DISA_STIG_Red_Hat_Enterprise_Linux_8_v1r11.audit from DISA Red Hat Enterprise Linux 8 v1r11 STIG
RHEL-08-010000 - RHEL 8 must be a vendor-supported release.
RHEL-08-010001 - The RHEL 8 operating system must implement the Endpoint Security for Linux Threat Prevention tool.
RHEL-08-010010 - RHEL 8 vendor packaged system security patches and updates must be installed and up to date.
RHEL-08-010019 - RHEL 8 must ensure cryptographic verification of vendor software packages.
RHEL-08-010020 - RHEL 8 must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards
RHEL-08-010030 - All RHEL 8 local disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at rest protection.
RHEL-08-010040 - RHEL 8 must display the Standard Mandatory DoD Notice and Consent Banner before granting local or remote access to the system via a ssh logon
RHEL-08-010049 - RHEL 8 must display a banner before granting local or remote access to the system via a graphical user logon.
RHEL-08-010050 - RHEL 8 must display the Standard Mandatory DoD Notice and Consent Banner before granting local or remote access to the system via a graphical user logon.
RHEL-08-010060 - RHEL 8 must display the Standard Mandatory DoD Notice and Consent Banner before granting local or remote access to the system via a command line user logon.
RHEL-08-010070 - All RHEL 8 remote access methods must be monitored
RHEL-08-010090 - RHEL 8, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.
RHEL-08-010100 - RHEL 8, for certificate-based authentication, must enforce authorized access to the corresponding private key.
RHEL-08-010110 - RHEL 8 must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm.
RHEL-08-010120 - RHEL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords.
RHEL-08-010121 - The RHEL 8 operating system must not have accounts configured with blank or null passwords.
RHEL-08-010130 - The RHEL 8 shadow password suite must be configured to use a sufficient number of hashing rounds.
RHEL-08-010140 - RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.
RHEL-08-010141 - RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require a unique superusers name upon booting into single-user mode and maintenance.
RHEL-08-010149 - RHEL 8 operating systems booted with a BIOS must require a unique superusers name upon booting into single-user and maintenance modes.
RHEL-08-010150 - RHEL 8 operating systems booted with a BIOS must require authentication upon booting into single-user and maintenance modes.
RHEL-08-010151 - RHEL 8 operating systems must require authentication upon booting into rescue mode.
RHEL-08-010152 - RHEL 8 operating systems must require authentication upon booting into emergency mode.
RHEL-08-010159 - The RHEL 8 pam_unix.so module must be configured in the system-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.
RHEL-08-010160 - The RHEL 8 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.
RHEL-08-010161 - RHEL 8 must prevent system daemons from using Kerberos for authentication.
RHEL-08-010162 - The krb5-workstation package must not be installed on RHEL 8.
RHEL-08-010163 - The krb5-server package must not be installed on RHEL 8.
RHEL-08-010170 - RHEL 8 must use a Linux Security Module configured to enforce limits on system services.
RHEL-08-010171 - RHEL 8 must have policycoreutils package installed.
RHEL-08-010190 - A sticky bit must be set on all RHEL 8 public directories to prevent unauthorized and unintended information transferred via shared system resources.
RHEL-08-010200 - RHEL 8 must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.
RHEL-08-010201 - RHEL 8 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.
RHEL-08-010210 - The RHEL 8 /var/log/messages file must have mode 0640 or less permissive.
RHEL-08-010220 - The RHEL 8 /var/log/messages file must be owned by root.
RHEL-08-010230 - The RHEL 8 /var/log/messages file must be group-owned by root.
RHEL-08-010240 - The RHEL 8 /var/log directory must have mode 0755 or less permissive.
RHEL-08-010250 - The RHEL 8 /var/log directory must be owned by root.
RHEL-08-010260 - The RHEL 8 /var/log directory must be group-owned by root.
RHEL-08-010287 - The RHEL 8 SSH daemon must be configured to use system-wide crypto policies.
RHEL-08-010290 - The RHEL 8 SSH server must be configured to use only Message Authentication Codes (MACs) employing FIPS 140-2 validated cryptographic hash algorithms.
RHEL-08-010291 - The RHEL 8 operating system must implement DoD-approved encryption to protect the confidentiality of SSH server connections.
RHEL-08-010292 - RHEL 8 must ensure the SSH server uses strong entropy.
RHEL-08-010293 - The RHEL 8 operating system must implement DoD-approved encryption in the OpenSSL package - update-crypto-policies
RHEL-08-010294 - The RHEL 8 operating system must implement DoD-approved TLS encryption in the OpenSSL package.
RHEL-08-010295 - The RHEL 8 operating system must implement DoD-approved TLS encryption in the GnuTLS package.
RHEL-08-010300 - RHEL 8 system commands must have mode 755 or less permissive.
RHEL-08-010310 - RHEL 8 system commands must be owned by root.
RHEL-08-010320 - RHEL 8 system commands must be group-owned by root or a system account.