Item Search

NameAudit NamePluginCategory
GEN001440 - All interactive users must be assigned a home directory in the /etc/passwd file.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN001480 - All user home directories must have mode 0750 or less permissive.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN001500 - All interactive user home directories must be owned by their respective users.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN001540 - All files and directories contained in interactive user home directories must be owned by the home directorys owner.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN001550 - All files and directories contained in user home directories must be group-owned by a group of which the home directorys owner is a member.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN001570 - All files and directories contained in user home directories must not have extended ACLs.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN002320 - Audio devices must have mode 0660 or less permissive - '/dev/audio*'DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

GEN002330 - Audio devices must not have extended ACLs - '/dev/snd/*'DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

GEN002360 - Audio devices must be group-owned by root, sys, bin, or system - '/dev/audio*'DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

GEN002360 - Audio devices must be group-owned by root, sys, bin, or system - '/dev/snd/*'DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

GEN002540 - All public directories must be group-owned by root, sys, bin, or an application group.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

GEN003440 - At jobs must not set the umask to a value less restrictive than 077 - At jobs must not set the umask to a value less restrictive than 077.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN004220 - Administrative accounts must not run a web browser, except as needed for local service administration.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN004400 - Files executed through a mail aliases file must be owned by root and must reside within a directory owned and writable only by root.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

GEN004410 - Files executed through a mail aliases file must be group-owned by root, bin, sys, or system, and must reside within a directory group-owned by root, bin, sys, or system.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

GEN004880 - The ftpusers file must exist.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

GEN004930 - The ftpusers file must be group-owned by root, bin, sys, or system - '/etc/ftpusers'DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

GEN004940 - The ftpusers file must have mode 0640 or less permissive - '/etc/ftpusers'DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

GEN004940 - The ftpusers file must have mode 0640 or less permissive - '/etc/vsftpd.ftpusers'DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

GEN005040 - All FTP users must have a default umask of 077 - '/etc/vsftpd/vsftpd.conf anon_umask'DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

GEN005100 - The TFTP daemon must have mode 0755 or less permissive.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

GEN005390 - The /etc/syslog.conf file must have mode 0640 or less permissive - /etc/rsyslog.confDISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN005395 - The /etc/syslog.conf file must not have an extended ACL - /etc/syslog.confDISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN005400 - The /etc/syslog.conf file must be owned by root.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN005521 - The SSH daemon must restrict login ability to specific users and/or groups.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN005536 - The SSH daemon must perform strict mode checking of home directory configuration files.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN005750 - The Network File System (NFS) export configuration file must be group-owned by root, bin, sys, or system.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

GEN005770 - The Network File System (NFS) exports configuration file must not have an extended ACL.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

GEN005810 - All Network File System (NFS) exported system files and system directories must be group-owned by root, bin, sys, or system.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

GEN005900 - The nosuid option must be enabled on all Network File System (NFS) client mounts.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN006150 - The /etc/smb.conf file must not have an extended ACL.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN006180 - The smbpasswd file must be group-owned by root - '/etc/samba/passdb.tdb'DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN006180 - The smbpasswd file must be group-owned by root - '/etc/samba/secrets.tdb'DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN006200 - The smbpasswd file must have mode 0600 or less permissive - '/etc/samba/passdb.tdb'DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN006200 - The smbpasswd file must have mode 0600 or less permissive - '/etc/samba/secrets.tdb'DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN006210 - The /etc/smbpasswd file must not have an extended ACL - '/etc/samba/secrets.tdb'DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN006260 - The /etc/news/incoming.conf (or equivalent) must have mode 0600 or less permissive - or equivalent must have mode 0600 or less permissiveDISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN006270 - The /etc/news/incoming.conf file must not have an extended ACL.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN006290 - The /etc/news/hosts.nntp.nolimit file must not have an extended ACL.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN006310 - The /etc/news/nnrp.access file must not have an extended ACL.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN006320 - The /etc/news/passwd.nntp file (or equivalent) must have mode 0600 or less permissive.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN006340 - Files in /etc/news must be owned by root or news.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN006360 - The files in /etc/news must be group-owned by root or news.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN008100 - If the system is using LDAP for authentication or account information, the /etc/ldap.conf (or equivalent) file must be group-owned by root, bin, sys, or system.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN008140 - If the system is using LDAP for authentication or account information, the TLS certificate authority file and/or directory (as appropriate) must be owned by root - '/etc/ssl/ca.cert'DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN008160 - If the system is using LDAP for authentication or account information, the TLS certificate authority file and/or directory (as appropriate) must be group-owned by root, bin, sys, or system - '/etc/ssl/certs'DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN008180 - If the system is using LDAP for authentication or account information, the TLS certificate authority file and/or directory (as appropriate) must have mode 0644 (0755 for directories) or less permissive - '/etc/ssl/certs'DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN008200 - If the system is using LDAP for authentication or account information, the LDAP TLS certificate authority file and/or directory (as appropriate) must not have an extended ACL - as appropriate must not have an extended ACL.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN008260 - If the system is using LDAP for authentication or account information, the LDAP TLS certificate file must have mode 0644 or less permissive - '/etc/openldap/cacerts/cert.pem'DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN008360 - If the system is using LDAP for authentication or account information, the LDAP TLS key file must not have an extended ACL - '/etc/openldap/cacerts/key.pem'DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT