| RHEL-09-211030 - The graphical display manager must not be the default target on RHEL 9 unless approved. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-212015 - RHEL 9 must disable the ability of systemd to spawn an interactive boot process. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-213070 - RHEL 9 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-213090 - RHEL 9 must disable storing core dumps. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-213095 - RHEL 9 must disable core dumps for all users. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-215030 - RHEL 9 must not have the ypserv package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-215045 - RHEL 9 must not have the gssproxy package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-215080 - RHEL 9 must have the gnutls-utils package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-215085 - RHEL 9 must have the nss-tools package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-215090 - RHEL 9 must have the rng-tools package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-231080 - RHEL 9 must prevent code from being executed on file systems that are used with removable media. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-232035 - RHEL 9 audit tools must have a mode of 0755 or less permissive. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-232045 - All RHEL 9 local initialization files must have mode 0740 or less permissive. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-232055 - RHEL 9 /etc/group file must have mode 0644 or less permissive to prevent unauthorized access. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-232080 - RHEL 9 /etc/passwd- file must have mode 0644 or less permissive to prevent unauthorized access. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-232104 - RHEL 9 "/etc/audit/" must be group-owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-232115 - RHEL 9 /etc/gshadow file must be group-owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-232130 - RHEL 9 /etc/passwd file must be owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-232175 - RHEL 9 /var/log directory must be group-owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-232180 - RHEL 9 /var/log/messages file must be owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-232225 - RHEL 9 audit tools must be group-owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-251035 - RHEL 9 must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services, as defined in the Ports, Protocols, and Services Management (PPSM) Category Assignments List (CAL) and vulnerability assessments. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-253055 - RHEL 9 must not respond to Internet Control Message Protocol (ICMP) echoes sent to a broadcast address. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-253060 - RHEL 9 must limit the number of bogus Internet Control Message Protocol (ICMP) response errors logs. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-254025 - RHEL 9 must not enable IPv6 packet forwarding unless the system is a router. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-254040 - RHEL 9 must not forward IPv6 source-routed packets by default. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-255145 - RHEL 9 SSH daemon must not allow rhosts authentication. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-255165 - RHEL 9 SSH daemon must display the date and time of the last successful account logon upon an SSH logon. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-271105 - RHEL 9 must disable the ability of a user to accidentally press Ctrl-Alt-Del and cause a system to shut down or reboot. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-271115 - RHEL 9 must disable the user list at logon for graphical user interfaces. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-291030 - RHEL 9 must block unauthorized peripherals before establishing a connection. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-411035 - RHEL 9 system accounts must not have an interactive login shell. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-411070 - All RHEL 9 local interactive user home directories must be group-owned by the home directory owner's primary group. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-300016 - Ubuntu 24.04 LTS must be configured so that when passwords are changed or new passwords are established, pwquality must be used. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-300020 - Ubuntu 24.04 LTS must require users to provide a password for privilege escalation. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-300030 - Ubuntu 24.04 LTS default filesystem permissions must be defined in such a way that all authenticated users can read and modify only their own files. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-600000 - Ubuntu 24.04 LTS must immediately terminate all network connections associated with SSH traffic after a period of inactivity. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-24-600230 - Ubuntu 24.04 LTS must disable all wireless network adapters. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-24-700080 - Ubuntu 24.04 LTS must configure the directories used by the system journal to be owned by "root". | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-24-700090 - Ubuntu 24.04 LTS must configure the files used by the system journal to be owned by "root" | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-24-700100 - Ubuntu 24.04 LTS must configure the /var/log directory to be group-owned by syslog. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-24-900110 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the ssh-agent command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900120 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the ssh-keysign command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900180 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the sudoedit command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900220 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the apparmor_parser command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900230 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the setfacl command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900270 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the passwd command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-901260 - Ubuntu 24.04 LTS must have directories that contain system commands set to a mode of "0755" or less permissive. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-901280 - Ubuntu 24.04 LTS must have directories that contain system commands group-owned by root. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-909000 - Ubuntu 24.04 LTS audit system must protect auditing rules from unauthorized change. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
