| RHEL-09-232180 - RHEL 9 /var/log/messages file must be owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-232190 - RHEL 9 system commands must be owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-232195 - RHEL 9 system commands must be group-owned by root or a system account. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-232210 - RHEL 9 library directories must be owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-232245 - A sticky bit must be set on all RHEL 9 public directories. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-232250 - All RHEL 9 local files and directories must have a valid group owner. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-251035 - RHEL 9 must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services, as defined in the Ports, Protocols, and Services Management (PPSM) Category Assignments List (CAL) and vulnerability assessments. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-252045 - RHEL 9 must not have unauthorized IP tunnels configured. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-252050 - RHEL 9 must be configured to prevent unrestricted mail relaying. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-253015 - RHEL 9 must ignore Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect messages. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-253025 - RHEL 9 must log IPv4 packets with impossible addresses. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-253030 - RHEL 9 must log IPv4 packets with impossible addresses by default. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-253040 - RHEL 9 must prevent IPv4 Internet Control Message Protocol (ICMP) redirect messages from being accepted. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-255060 - RHEL 9 must implement DOD-approved encryption ciphers to protect the confidentiality of SSH connections. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-255100 - RHEL 9 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-255115 - RHEL 9 SSH server configuration files' permissions must not be modified. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-255125 - RHEL 9 SSH public host key files must have mode 0644 or less permissive. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-255150 - RHEL 9 SSH daemon must not allow known hosts authentication. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-271010 - RHEL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a graphical user logon. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-271045 - RHEL 9 must be able to initiate directly a session lock for all connection types using smart card when the smart card is removed. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-271055 - RHEL 9 must enable a user session lock until that user re-establishes access using established identification and authentication procedures for graphical user sessions. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-271065 - RHEL 9 must automatically lock graphical user sessions after 15 minutes of inactivity. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-271090 - RHEL 9 effective dconf policy must match the policy keyfiles. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-291020 - RHEL 9 must have the USBGuard package enabled. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-291035 - RHEL 9 Bluetooth must be disabled. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| RHEL-09-411040 - RHEL 9 must automatically expire temporary accounts within 72 hours. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-411065 - All RHEL 9 local interactive user home directories defined in the /etc/passwd file must exist. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-411080 - RHEL 9 must automatically lock the root account until the root account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-411085 - RHEL 9 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-411100 - The root account must be the only account having unrestricted access to RHEL 9 system. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-411115 - Local RHEL 9 initialization files must not execute world-writable programs. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-412035 - RHEL 9 must automatically exit interactive command shell user sessions after 10 minutes of inactivity. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-432020 - RHEL 9 must use the invoking user's password for privilege escalation when using "sudo". | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-433015 - RHEL 9 fapolicy module must be enabled. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-611045 - RHEL 9 must ensure the password complexity module is enabled in the system-auth file. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-611075 - RHEL 9 passwords for new users or password changes must have a 24 hours minimum password lifetime restriction in /etc/login.defs. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-611165 - RHEL 9 must enable certificate based smart card authentication. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-651030 - RHEL 9 must be configured so that the file integrity tool verifies Access Control Lists (ACLs). | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-651035 - RHEL 9 must be configured so that the file integrity tool verifies extended attributes. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-653065 - RHEL 9 must take appropriate action when the internal event queue is full. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-653075 - RHEL 9 audit system must audit local events. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-653100 - RHEL 9 must produce audit records containing information to establish the identity of any individual or process associated with the event. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| RHEL-09-653120 - RHEL 9 must allocate an audit_backlog_limit of sufficient size to capture processes that start prior to the audit daemon. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-654030 - RHEL 9 must audit all uses of umount system calls. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654090 - RHEL 9 must audit all uses of the chsh command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654180 - RHEL 9 must audit all uses of the mount command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654245 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654260 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /var/log/tallylog. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654270 - RHEL 9 audit system must protect logon UIDs from unauthorized change. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-671025 - RHEL 9 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-3 approved cryptographic hashing algorithm for system authentication. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
