Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.3 Set nosuid option for /tmp PartitionCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.1.4 Set noexec option for /tmp PartitionCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

1.1.7 Create Separate Partition for /var/logCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

1.1.15 Add nosuid Option to /dev/shm PartitionCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.6 Obtain Software Package Updates with yumCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

1.2.7 Verify Package Integrity Using RPMCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

1.6.4 Enable XD/NX Support on 32-bit x86 Systems - kernel-PAECIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.1.4 Remove rshCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

2.1.6 Remove NIS ServerCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

3.1.1 Disable Avahi ServerCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

3.1.2 Service Only via Required Protocol - use-ipv6=no'CIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

3.1.4 Prevent Other Programs from Using Avahi's Port - disallow-other-stacks=yesCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

3.3 Remove X Windows - X Window SystemCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

3.5 Remove DHCP ServerCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

3.8 Disable NFS and RPC - rpcidmapdCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

4.4.1.2 Disable IPv6 Redirect Acceptance - net.ipv6.conf.default.accept_redirect = 0CIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

4.6.4 Disable TIPCCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

5.1.1 Configure /etc/syslog.conf - daemonCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

5.1.1 Configure /etc/syslog.conf - syslogCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

5.1.2 Create and Set Permissions on syslog Log Files - /var/log/kern.logCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

5.1.3 Configure syslog to Send Logs to a Remote Log Host - *.* @loghost.example.comCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

5.1.4 Accept Remote syslog Messages Only on Designated Log Hosts - loghostCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

5.2.3 Configure /etc/rsyslog.conf - auth,user /var/log/messagesCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

5.2.3 Configure /etc/rsyslog.conf - daemon /var/log/daemon.logCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

5.2.4 Create and Set Permissions on rsyslog Log Files - /var/log/kern.logCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

5.2.4 Create and Set Permissions on rsyslog Log Files - /var/log/messagesCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

5.4 Configure logrotate - '/var/log/cron'CIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000269 - Remote file systems must be mounted with the nodev option.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000271 - The noexec option must be added to removable media partitions.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000280 - The system package management tool must verify group-ownership on all files and directories associated with the audit package.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000296 - All accounts on the system must have unique user or account namesDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-06-000298 - Emergency accounts must be provisioned with an expiration date.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000302 - A file integrity tool must be used at least weekly to check for unauthorized file changes, particularly the addition of unauthorized system libraries or binaries, or for unauthorized modification to authorized system libraries or binaries.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000305 - The operating system must provide a near real-time alert when any of the organization defined list of compromise or potential compromise indicators occurs.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000309 - The NFS server must not have the insecure file locking option enabled.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-06-000321 - The system must provide VPN connectivity for communications over untrusted networks.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000326 - The Department of Defense (DoD) login banner must be displayed immediately prior to, or as part of, graphical desktop environment login prompts.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000339 - The FTP daemon must be configured for logging or verbose mode - 'xferlog_enable = yes'.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000343 - The system default umask for the csh shell must be 077.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000346 - The system default umask for daemons must be 027 or 022.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000349 - The system must be configured to require the use of a CAC, PIV compliant hardware token, or Alternate Logon Token (ALT) for authentication - ALT for authentication.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-06-000356 - The system must require administrator action to unlock an account locked by excessive failed login attempts - 'password-auth auth required'DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000357 - The system must disable accounts after excessive login failures within a 15-minute interval - password-auth account requiredDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000357 - The system must disable accounts after excessive login failures within a 15-minute interval - sys-auth auth [default=die]DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000357 - The system must disable accounts after excessive login failures within a 15-minute interval - system-auth account requiredDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000515 - The NFS server must not have the all_squash option enabled.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-06-000517 - The system package management tool must verify group-ownership on all files and directories associated with packages.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000525 - Auditing must be enabled at boot by setting a kernel parameter - BIOSDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000526 - Automated file system mounting tools must not be enabled unless needed - PROCESSDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-07-030000 - The Red Hat Enterprise Linux operating system must be configured so that auditing is configured to produce records containing information to establish what type of events occurred, where the events occurred, the source of the events, and the outcome of the events. These audit records must also identify individual identities of group account users.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY