| 3.5.1.3 Ensure nftables either not installed or masked with firewalld - stopped | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.1.3 Ensure nftables is not installed or stopped and masked | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000030 - The Arista BGP router must be configured to reject inbound route advertisements for any prefixes belonging to the local autonomous system (AS). | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| ARST-RT-000200 - The out-of-band management (OOBM) Arista gateway router must be configured to not redistribute routes between the management network routing domain and the managed network routing domain. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| RHEL-06-000003 - The system must use a separate file system for /var/log. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000005 - The audit system must alert designated staff members when the audit storage volume approaches capacity. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000013 - The system package management tool must cryptographically verify the authenticity of system software packages during installation. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000027 - The system must prevent the root account from logging in from virtual consoles. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000030 - The system must not have accounts configured with blank or null passwords - password-auth. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000041 - The /etc/passwd file must have mode 0644 or less permissive. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000045 - Library files must have mode 0755 or less permissive - '/usr/lib/*'. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000046 - Library files must be owned by a system account - '/usr/lib64/*'. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000047 - All system command files must have mode 755 or less permissive - '/bin/*' | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000048 - All system command files must be owned by root - /usr/bin/*. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000048 - All system command files must be owned by root - /usr/local/bin/*. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000048 - All system command files must be owned by root - /usr/local/sbin/*. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000056 - The system must require passwords to contain at least one numeric character - password-auth. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000057 - The system must require passwords to contain at least one uppercase alphabetic character - system-auth. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000058 - The system must require passwords to contain at least one special character - system-auth. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000063 - The system must use a FIPS 140-2 approved cryptographic hashing algorithm for generating account password hashes (login.defs) - login.defs. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000065 - The system boot loader configuration file(s) must be owned by root. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000069 - The system must require authentication upon booting into single-user and maintenance modes. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000086 - The system must not accept ICMPv4 secure redirect packets on any interface - config | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000088 - The system must log Martian packets - sysctl | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000091 - The system must ignore ICMPv4 redirect messages by default - config | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000091 - The system must ignore ICMPv4 redirect messages by default - sysconfig | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000092 - The system must not respond to ICMPv4 sent to a broadcast address - sysctl | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000099 - The system must ignore ICMPv6 redirects by default - sysctl | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000106 - The operating system must connect to external networks or information systems only through managed IPv6 interfaces consisting of boundary protection devices arranged in accordance with an organizational security architecture. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000135 - All rsyslog-generated log files must have mode 0600 or less permissive. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-06-000159 - The system must retain enough rotated audit logs to cover the required log retention period. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000160 - The system must set a maximum audit log file size. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000161 - The system must rotate audit log files that reach the maximum file size. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000163 - The audit system must switch the system to single-user mode when available audit storage volume becomes dangerously low. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000167 - The audit system must be configured to audit all attempts to alter system time through settimeofday - 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000171 - The audit system must be configured to audit all attempts to alter system time through clock_settime - 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000171 - The audit system must be configured to audit all attempts to alter system time through clock_settime - 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000174 - The operating system must automatically audit account creation - /etc/security/opasswd | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000176 - The operating system must automatically audit account disabling actions - /etc/gshadow. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000177 - The operating system must automatically audit account termination - /etc/group. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000177 - The operating system must automatically audit account termination - /etc/passwd. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000182 - The audit system must be configured to audit modifications to the systems network configuration - /etc/issue.net | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000182 - The audit system must be configured to audit modifications to the systems network configuration - setdomainname 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000184 - The audit system must be configured to audit all discretionary access control permission modifications using chmod - auid=0 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000189 - The audit system must be configured to audit all discretionary access control permission modifications using fchownat - auid=0 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000191 - The audit system must be configured to audit all discretionary access control permission modifications using fsetxattr - auid>=500 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000191 - The audit system must be configured to audit all discretionary access control permission modifications using fsetxattr - auid>=500 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000194 - The audit system must be configured to audit all discretionary access control permission modifications using lsetxattr - auid=0 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000195 - The audit system must be configured to audit all discretionary access control permission modifications using removexattr - auid=0 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-672020 - RHEL 9 cryptographic policy must not be overridden. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
