Detections
Analytics

Item Search

NameAudit NamePluginCategory
OL09-00-000690 - OL 9 must audit all uses of the init_module and finit_module system calls.DISA Oracle Linux 9 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

OL09-00-000705 - OL 9 must audit all uses of umount system calls.DISA Oracle Linux 9 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

OL09-00-000730 - OL 9 must be configured so that successful/unsuccessful uses of the init command generate an audit record.DISA Oracle Linux 9 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

OL09-00-000795 - OL 9 audit logs file must have mode 0600 or less permissive to prevent unauthorized access to the audit log.DISA Oracle Linux 9 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

OL09-00-000800 - OL 9 audit system must audit local events.DISA Oracle Linux 9 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

OL09-00-000805 - OL 9 must allow only the information system security manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited.DISA Oracle Linux 9 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

OL09-00-000815 - OL 9 must forward mail from postmaster to the root account using a postfix alias.DISA Oracle Linux 9 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

OL09-00-000820 - OL 9 must take appropriate action when a critical audit processing failure occurs.DISA Oracle Linux 9 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

OL09-00-000830 - OL 9 must allocate an audit_backlog_limit of sufficient size to capture processes that start prior to the audit daemon.DISA Oracle Linux 9 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

OL09-00-000835 - OL 9 must produce audit records containing information to establish the identity of any individual or process associated with the event.DISA Oracle Linux 9 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

OL09-00-000840 - OL 9 must be configured so that successful/unsuccessful uses of the umount system call generate an audit record.DISA Oracle Linux 9 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

OL09-00-000850 - OL 9 must allocate audit record storage capacity to store at least one week's worth of audit records.DISA Oracle Linux 9 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

OL09-00-000860 - OL 9 must take appropriate action when the internal event queue is full.DISA Oracle Linux 9 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

OL09-00-000870 - OL 9 must notify the system administrator (SA) and information system security officer (ISSO) (at a minimum) when allocated audit record storage volume reaches 75 percent utilization.DISA Oracle Linux 9 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

OL09-00-001035 - OL 9 must require the maximum number of repeating characters be limited to three when passwords are changed.DISA Oracle Linux 9 STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

OL09-00-001040 - OL 9 must require the change of at least four character classes when passwords are changed.DISA Oracle Linux 9 STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

OL09-00-002032 - OL 9 must prevent files with the setuid and setgid bit set from being executed on the /boot/efi directory.DISA Oracle Linux 9 STIG v1r4Unix

CONFIGURATION MANAGEMENT

OL09-00-002063 - OL 9 must mount /var/log with the nosuid option.DISA Oracle Linux 9 STIG v1r4Unix

CONFIGURATION MANAGEMENT

OL09-00-002066 - OL 9 must mount /var/log/audit with the nosuid option.DISA Oracle Linux 9 STIG v1r4Unix

CONFIGURATION MANAGEMENT

OL09-00-002080 - OL 9 must prevent special devices on nonroot local partitions.DISA Oracle Linux 9 STIG v1r4Unix

CONFIGURATION MANAGEMENT

OL09-00-002100 - OL 9 must disable the graphical user interface automount function unless required.DISA Oracle Linux 9 STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

OL09-00-002120 - OL 9 must prevent a user from overriding the disabling of the graphical user interface automount function.DISA Oracle Linux 9 STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

OL09-00-002124 - OL 9 must prevent a user from overriding the session idle-delay setting for the graphical user interface.DISA Oracle Linux 9 STIG v1r4Unix

ACCESS CONTROL

OL09-00-002301 - OL 9 must define default permissions for the bash shell.DISA Oracle Linux 9 STIG v1r4Unix

CONFIGURATION MANAGEMENT

OL09-00-002302 - OL 9 must define default permissions for the c shell.DISA Oracle Linux 9 STIG v1r4Unix

CONFIGURATION MANAGEMENT

OL09-00-002323 - OL 9 must securely compare internal information system clocks at least every 24 hours.DISA Oracle Linux 9 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

OL09-00-002343 - OL 9 SSHD must not allow blank passwords.DISA Oracle Linux 9 STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

OL09-00-002344 - OL 9 must enable the Pluggable Authentication Module (PAM) interface for SSHD.DISA Oracle Linux 9 STIG v1r4Unix

MAINTENANCE

OL09-00-002346 - OL 9 must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.DISA Oracle Linux 9 STIG v1r4Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

OL09-00-002363 - OL 9 must require users to provide a password for privilege escalation.DISA Oracle Linux 9 STIG v1r4Unix

ACCESS CONTROL

OL09-00-002376 - OL 9 must terminate idle user sessions.DISA Oracle Linux 9 STIG v1r4Unix

SYSTEM AND COMMUNICATIONS PROTECTION

OL09-00-002380 - OL 9 must disable the kernel.core_pattern.DISA Oracle Linux 9 STIG v1r4Unix

CONFIGURATION MANAGEMENT

OL09-00-002385 - OL 9 must be configured so that the kdump service is disabled.DISA Oracle Linux 9 STIG v1r4Unix

CONFIGURATION MANAGEMENT

OL09-00-002409 - OL 9 must disable access to network bpf system call from nonprivileged processes.DISA Oracle Linux 9 STIG v1r4Unix

SYSTEM AND COMMUNICATIONS PROTECTION

OL09-00-002501 - OL 9 must not have unauthorized accounts.DISA Oracle Linux 9 STIG v1r4Unix

CONFIGURATION MANAGEMENT

OL09-00-002503 - OL 9 SSH public host key files must have mode 0644 or less permissive.DISA Oracle Linux 9 STIG v1r4Unix

CONFIGURATION MANAGEMENT

OL09-00-002508 - OL 9 SSH server configuration file must be owned by root.DISA Oracle Linux 9 STIG v1r4Unix

CONFIGURATION MANAGEMENT

OL09-00-002522 - OL 9 library directories must have mode 755 or less permissive.DISA Oracle Linux 9 STIG v1r4Unix

CONFIGURATION MANAGEMENT

OL09-00-002524 - OL 9 library files must be owned by root.DISA Oracle Linux 9 STIG v1r4Unix

CONFIGURATION MANAGEMENT

OL09-00-002525 - OL 9 library files must have mode 0755 or less permissive.DISA Oracle Linux 9 STIG v1r4Unix

CONFIGURATION MANAGEMENT

OL09-00-002530 - OL 9 /boot/grub2/grub.cfg file must be group-owned by root.DISA Oracle Linux 9 STIG v1r4Unix

CONFIGURATION MANAGEMENT

OL09-00-002549 - OL 9 /etc/passwd- file must have mode 0644 or less permissive to prevent unauthorized access.DISA Oracle Linux 9 STIG v1r4Unix

CONFIGURATION MANAGEMENT

OL09-00-002551 - OL 9 /etc/shadow- file must be group-owned by root.DISA Oracle Linux 9 STIG v1r4Unix

CONFIGURATION MANAGEMENT

OL09-00-002561 - OL 9 /var/log directory must be owned by root.DISA Oracle Linux 9 STIG v1r4Unix

SYSTEM AND INFORMATION INTEGRITY

OL09-00-002565 - OL 9 /var/log/messages file must have mode 0640 or less permissive.DISA Oracle Linux 9 STIG v1r4Unix

SYSTEM AND INFORMATION INTEGRITY

OL09-00-002580 - OL 9 cron configuration directories must have a mode of 0700 or less permissive.DISA Oracle Linux 9 STIG v1r4Unix

CONFIGURATION MANAGEMENT

OL09-00-003011 - OL 9 must configure the use of the pam_faillock.so module in the /etc/pam.d/system-auth file.DISA Oracle Linux 9 STIG v1r4Unix

ACCESS CONTROL

OL09-00-003020 - OL 9 must automatically lock an account when three unsuccessful logon attempts occur.DISA Oracle Linux 9 STIG v1r4Unix

ACCESS CONTROL

OL09-00-003023 - OL 9 must ensure account lockouts persist.DISA Oracle Linux 9 STIG v1r4Unix

ACCESS CONTROL

OL09-00-005000 - OL 9 remote access methods must be monitored.DISA Oracle Linux 9 STIG v1r4Unix

ACCESS CONTROL