Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.22 Disable Mounting of hfsplus Filesystems - install hfsplus /bin/true'CIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

CONFIGURATION MANAGEMENT

1.4.1 Enable SELinux in /etc/grub.conf - enforcing != 0CIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

ACCESS CONTROL

5.2.6 Accept Remote rsyslog Messages Only on Designated Log Hosts - $InputTCPServerRun 514CIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

5.3.7 Record Events That Modify the System's Network Environment - /etc/issueCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

CONFIGURATION MANAGEMENT

5.3.7 Record Events That Modify the System's Network Environment - /etc/issue.netCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

CONFIGURATION MANAGEMENT

5.3.12 Collect Unsuccessful Unauthorized Access Attempts to Files - arch=b64 EPERMCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

5.3.13 Collect Use of Privileged CommandsCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

CONFIGURATION MANAGEMENT

5.3.15 Collect File Deletion Events by User - arch=b32CIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

5.3.18 Collect Kernel Module Loading and Unloading - /sbin/modprobeCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

CONFIGURATION MANAGEMENT

5.3.19 Make the Audit Configuration Immutable - -e 2CIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

5.4 Configure logrotate - '/var/log/boot.log'CIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

5.4 Configure logrotate - '/var/log/spooler'CIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

6.1.5 Set User/Group Owner and Permission on /etc/cron.hourlyCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

6.1.6 Set User/Group Owner and Permission on /etc/cron.dailyCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

6.1.10 Restrict at/cron to Authorized Users - cron.allowCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

6.3.1 Set Password Creation Requirement Parameters Using pam_cracklib - password requiredCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

IDENTIFICATION AND AUTHENTICATION

6.3.2 Set Lockout for Failed Password Attempts - auth required pam_tally2.so deny=5 onerr=failCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

6.3.6 Remove the pam_ccreds PackageCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

CONFIGURATION MANAGEMENT

6.5 Restrict Access to the su Command - auth required pam_wheel.so use_uid'CIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

7.5 Lock Inactive User Accounts - INACTIVE=35CIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

8.1.1 Set Warning Banner for Standard Login Services - /etc/issueCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

8.1.1 Set Warning Banner for Standard Login Services - /etc/issue.netCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

8.1.2 Remove OS Information from Login Warning Banners - /etc/issueCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

8.2 Set GNOME Warning BannerCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

9.1.1 Verify System File PermissionsCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

ACCESS CONTROL

9.1.5 Verify Permissions on /etc/groupCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

9.1.11 Find Un-owned Files and DirectoriesCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

9.2.1 Ensure Password Fields are Not EmptyCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

IDENTIFICATION AND AUTHENTICATION

9.2.10 Check for Presence of User .rhosts FilesCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-08-010040 - RHEL 8 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a ssh logon.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

ACCESS CONTROL

RHEL-08-010090 - RHEL 8, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-08-010149 - RHEL 8 operating systems booted with a BIOS must require a unique superusers name upon booting into single-user and maintenance modes.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

ACCESS CONTROL

RHEL-08-010150 - RHEL 8 operating systems booted with a BIOS must require authentication upon booting into single-user and maintenance modes.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

ACCESS CONTROL

RHEL-08-010210 - The RHEL 8 /var/log/messages file must have mode 0640 or less permissive.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

SYSTEM AND INFORMATION INTEGRITY

RHEL-08-010220 - The RHEL 8 /var/log/messages file must be owned by root.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

SYSTEM AND INFORMATION INTEGRITY

RHEL-08-010287 - The RHEL 8 SSH daemon must be configured to use system-wide crypto policies.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

ACCESS CONTROL

RHEL-08-010291 - The RHEL 8 operating system must implement DOD-approved encryption to protect the confidentiality of SSH server connections.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

ACCESS CONTROL

RHEL-08-010295 - The RHEL 8 operating system must implement DoD-approved TLS encryption in the GnuTLS package.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

ACCESS CONTROL

RHEL-08-010300 - RHEL 8 system commands must have mode 755 or less permissive.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-08-010359 - The RHEL 8 operating system must use a file integrity tool to verify correct operation of all security functions.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

SYSTEM AND INFORMATION INTEGRITY

RHEL-08-010360 - The RHEL 8 file integrity tool must notify the system administrator when changes to the baseline configuration or anomalies in the operation of any security functions are discovered within an organizationally defined frequency.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-08-010380 - RHEL 8 must require users to provide a password for privilege escalation.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-08-010390 - RHEL 8 must have the packages required for multifactor authentication installed.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-08-010420 - RHEL 8 must implement non-executable data to protect its memory from unauthorized code execution.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

SYSTEM AND INFORMATION INTEGRITY

RHEL-08-010455 - RHEL 8 must elevate the SELinux context when an administrator calls the sudo command.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

ACCESS CONTROL

RHEL-08-010472 - RHEL 8 must have the packages required to use the hardware random number generator entropy gatherer service.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-08-010500 - The RHEL 8 SSH daemon must perform strict mode checking of home directory configuration files.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-08-010520 - The RHEL 8 SSH daemon must not allow authentication using known host's authentication.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-08-010561 - The rsyslog service must be running in RHEL 8.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-08-010571 - RHEL 8 must prevent files with the setuid and setgid bit set from being executed on the /boot directory.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

CONFIGURATION MANAGEMENT