| OL6-00-000003 - The system must use a separate file system for /var/log. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000005 - The audit system must alert designated staff members when the audit storage volume approaches capacity. | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000009 - The Red Hat Network Service (rhnsd) service must not be running, unless it is being used to query the Oracle Unbreakable Linux Network for updates and information - CHKCONFIG | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000009 - The Red Hat Network Service (rhnsd) service must not be running, unless it is being used to query the Oracle Unbreakable Linux Network for updates and information - PROCESS_CHECK | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000013 - The system package management tool must cryptographically verify the authenticity of system software packages during installation. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000018 - A file integrity baseline must be created. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000043 - The /etc/group file must be group-owned by root. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000046 - Library files must be owned by a system account - '/lib64' | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000046 - Library files must be owned by a system account - '/usr/local/lib' | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000047 - All system command files must have mode 755 or less permissive - '/bin' | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000047 - All system command files must have mode 755 or less permissive - '/sbin' | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000050 - The system must require passwords to contain a minimum of 15 characters - /etc/login.defs | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000064 - The system must use a FIPS 140-2 approved cryptographic hashing algorithm for generating account password hashes (libuser.conf) - libuser.conf. | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000082 - IP forwarding for IPv4 must not be enabled, unless the system is a router. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000086 - The system must not accept ICMPv4 secure redirect packets on any interface. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000088 - The system must log Martian packets. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000095 - The system must be configured to use TCP syncookies when experiencing a TCP SYN flood. | DISA STIG Oracle Linux 6 v2r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL6-00-000097 - The system must use a reverse-path filter for IPv4 network traffic when possible by default. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000107 - The operating system must prevent public IPv6 access into an organizations internal networks, except as appropriately mediated by managed interfaces employing boundary protection devices. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000124 - The Datagram Congestion Control Protocol (DCCP) must be disabled unless required. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000127 - The Transparent Inter-Process Communication (TIPC) protocol must be disabled unless required. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000135 - All rsyslog-generated log files must have mode 0600 or less permissive. | DISA STIG Oracle Linux 6 v2r7 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OL6-00-000148 - The operating system must employ automated mechanisms to facilitate the monitoring and control of remote access methods - CHKCONFIG | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000163 - The audit system must switch the system to single-user mode when available audit storage volume becomes dangerously low. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000175 - The operating system must automatically audit account modification - '/etc/group' | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000175 - The operating system must automatically audit account modification - '/etc/security/opasswd' | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000176 - The operating system must automatically audit account disabling actions - '/etc/shadow' | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000177 - The operating system must automatically audit account termination - '/etc/security/opasswd' | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000190 - The audit system must be configured to audit all discretionary access control permission modifications using setxattr, lsetxattr, fsetxattr, removexattr, lremovexattr, and fremovexattr - b32 auid=0 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000190 - The audit system must be configured to audit all discretionary access control permission modifications using setxattr, lsetxattr, fsetxattr, removexattr, lremovexattr, and fremovexattr - b64 auid>=500 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000200 - The audit system must be configured to audit user deletions of files and programs - b32 auid>=500 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000200 - The audit system must be configured to audit user deletions of files and programs - b64 auid>=500 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000202 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules - module b64 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000203 - The xinetd service must be disabled if no network services utilizing it are enabled - CHKCONFIG | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000206 - The telnet-server package must not be installed. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000213 - The rsh-server package must not be installed. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000214 - The rshd service must not be running - PROCESS_CHECK | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000216 - The rexecd service must not be running - PROCESS_CHECK | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000222 - The tftp-server package must not be installed unless required. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000357 - The system must disable accounts after excessive login failures within a 15-minute interval - system-auth fail_interval | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000383 - Audit log files must have mode 0640 or less permissive. | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000510 - The audit system must take appropriate action when the audit storage volume is full. | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000516 - The system package management tool must verify ownership on all files and directories associated with packages. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000522 - Audit log files must be group-owned by root. | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000526 - Automated file system mounting tools must not be enabled unless needed - CHKCONFIG | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000528 - The noexec option must be added to the /tmp partition. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000536 - The Oracle Linux operating system must use the invoking user's password for privilege escalation when using 'sudo' - runaspw | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000536 - The Oracle Linux operating system must use the invoking user's password for privilege escalation when using 'sudo' - targetpw | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000537 - The Oracle Linux operating system must require re-authentication when using the 'sudo' command - sudo command. | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000540 - The Oracle Linux operating system must specify the default 'include' directory for the /etc/sudoers file - include | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
