| GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - /etc/shadow shutdown' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| GEN000000-LNX00450 - The access.conf file must not have an extended ACL. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000000-LNX00600 - The Linux PAM system must not grant sole access to admin privileges to the first user who logs into the console. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000000-LNX00660 - The /etc/securetty file must have mode 0600 or less permissive. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000000-LNX001431 - The /etc/gshadow file must be owned by root. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000000-LNX001476 - The /etc/gshadow file must not contain any group password hashes. | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN000242 - The system must use at least two time sources for clock synchronization - 'cron jobs' | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN000244 - The system must use time sources local to the enclave. | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN000290-4 - The system must not have the unnecessary ftp account - ftp account. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000440 - Successful and unsuccessful logins and logouts must be logged - '/var/log/wtmp' | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| GEN000452 - The system must display the date and time of the last successful account login upon login. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000500 - Graphical desktop environments provided by the system must automatically lock after 15 minutes of inactivity and the system must require users to re-authenticate to unlock the environment. Applications requiring continuous, real-time screen display (i.e., network management products) require the following and need to be documented with the IAO. -The logon session does not have administrator rights. -The display station (i.e., keyboard, monitor, etc.) is located in a controlled access area. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN000560 - The system must not have accounts configured with blank or null passwords. | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN000590 - The system must use a FIPS 140-2 approved cryptographic hashing algorithm for generating account password hashes. | DISA STIG for Oracle Linux 5 v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN000610 - The system must require passwords contain at least one lowercase alphabetic character. | DISA STIG for Oracle Linux 5 v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN000700 - User passwords must be changed at least every 60 days. | DISA STIG for Oracle Linux 5 v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN000740 - All non-interactive/automated processing account passwords must be changed at least once per year or be locked. | DISA STIG for Oracle Linux 5 v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN001025 - The sudo command must require authentication - /etc/sudoers.d/ !authenticate | DISA STIG for Oracle Linux 5 v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN001060 - The system must log successful and unsuccessful access to the root account - '-Fmsgtype=USER_AUTH must not exist' | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| GEN001060 - The system must log successful and unsuccessful access to the root account - '-Fmsgtype=USER_LOGIN must not exist' | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| GEN001060 - The system must log successful and unsuccessful access to the root account - rsyslog 'authpriv.*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| GEN001060 - The system must log successful and unsuccessful access to the root account - syslog 'authpriv.*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| GEN001080 - The root shell must be located in the / file system. | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001140 - System files and directories must not have uneven access permissions - '/bin/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN001180 - All network services daemon files must have mode 0755 or less permissive. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN001200 - All system command files must have mode 0755 or less permissive - '/usr/sbin/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001210 - All system command files must not have extended ACLs - '/usr/bin' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001210 - All system command files must not have extended ACLs - '/usr/sbin' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001220 - All system files, programs, and directories must be owned by a system account - '/sbin/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001220 - All system files, programs, and directories must be owned by a system account - '/usr/lbin/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001220 - All system files, programs, and directories must be owned by a system account - '/usr/sbin/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001240 - System files, programs, and directories must be group-owned by a system group - '/usr/sbin/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001240 - System files, programs, and directories must be group-owned by a system group - '/usr/usb/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001300 - Library files must have mode 0755 or less permissive - '/lib64/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001310 - All library files must not have extended ACLs - '/lib/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001310 - All library files must not have extended ACLs - '/usr/lib/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001365 - The /etc/resolv.conf file must not have an extended ACL. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN001367 - The /etc/hosts file must be group-owned by root, bin, or sys. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN001374 - The /etc/nsswitch.conf file must not have an extended ACL. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN001410 - The /etc/shadow file (or equivalent) must be group-owned by root, bin, or sys - or equivalent file must be group-owned by root, bin, or sys. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN001460 - All interactive user home directories defined in the /etc/passwd file must exist. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN001580 - All run control scripts must have mode 0755 or less permissive - '/etc/rc.d/rc0.d/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN001600 - Run control scripts executable search paths must contain only authorized paths - '/etc/rc.d/rc2.d/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001605 - Run control scripts library search paths must contain only authorized paths - '/etc/init.d/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001605 - Run control scripts library search paths must contain only authorized paths - '/etc/rc.d/rc3.d/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001610 - Run control scripts lists of preloaded libraries must contain only authorized paths - '/etc/rc.d/rc6.d/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001700 - System start-up files must only execute programs owned by a privileged UID or an application. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN001720 - All global initialization files must have mode 0644 or less permissive - '/etc/bashrc' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN001720 - All global initialization files must have mode 0644 or less permissive - '/etc/profile.d/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN001730 - All global initialization files must not have extended ACLs - '/etc/suid_profile' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
