Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.22 Disable Mounting of hfsplus Filesystems - install hfsplus /bin/true'CIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

CONFIGURATION MANAGEMENT

1.1.24 Disable Mounting of udf Filesystems - modprobeCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

CONFIGURATION MANAGEMENT

1.4.1 Enable SELinux in /etc/grub.conf - enforcing != 0CIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

ACCESS CONTROL

1.4.2 Set the SELinux State - SELINUX=enforcingCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

ACCESS CONTROL

2.1.11 Remove xinetdCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

CONFIGURATION MANAGEMENT

4.2.3 Disable Secure ICMP Redirect Acceptance - net.ipv4.conf.all.secure_redirects = 0CIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

SYSTEM AND INFORMATION INTEGRITY

4.2.3 Disable Secure ICMP Redirect Acceptance - net.ipv4.conf.default.secure_redirects = 0CIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

SYSTEM AND INFORMATION INTEGRITY

5.3.5 Record Events That Modify Date and Time Information - adjtimexCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

CONFIGURATION MANAGEMENT

5.3.7 Record Events That Modify the System's Network Environment - /etc/sysconfig/networkCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

CONFIGURATION MANAGEMENT

5.3.9 Collect Login and Logout Events - /var/log/faillogCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

5.3.11 Collect Discretionary Access Control Permission Modification Events - arch=b64 fchmodatCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

CONFIGURATION MANAGEMENT

5.3.11 Collect Discretionary Access Control Permission Modification Events - arch=b64 fchownatCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

CONFIGURATION MANAGEMENT

5.3.12 Collect Unsuccessful Unauthorized Access Attempts to Files - arch=b64 EPERMCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

5.3.14 Collect Successful File System Mounts - arch=b32CIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

6.3.6 Remove the pam_ccreds PackageCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

CONFIGURATION MANAGEMENT

9.2.5 Verify No UID 0 Accounts Exist Other Than rootCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

9.2.6 Ensure root PATH IntegrityCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

9.2.20 Check for Presence of User .forward FilesCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

RHEL-06-000003 - The system must use a separate file system for /var/log.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000005 - The audit system must alert designated staff members when the audit storage volume approaches capacity.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000016 - A file integrity tool must be installed.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000020 - The system must use a Linux Security Module configured to enforce limits on system services.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000023 - The system must use a Linux Security Module configured to limit the privileges of system services.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000031 - The /etc/passwd file must not contain password hashes.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-06-000035 - The /etc/shadow file must have mode 0000.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000042 - The /etc/group file must be owned by root.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000046 - Library files must be owned by a system account - '/usr/local/lib/*'.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000046 - Library files must be owned by a system account - '/usr/local/lib64/*'.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000047 - All system command files must have mode 755 or less permissive - '/usr/bin/*'DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000056 - The system must require passwords to contain at least one numeric character - password-auth.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-06-000058 - The system must require passwords to contain at least one special character - password-auth.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-06-000058 - The system must require passwords to contain at least one special character - system-auth.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-06-000059 - The system must require passwords to contain at least one lower-case alphabetic character - system-auth.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-06-000060 - The system must require at least eight characters be changed between the old and new passwords during a password change - password-auth.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-06-000064 - The system must use a FIPS 140-2 approved cryptographic hashing algorithm for generating account password hashes (libuser.conf) - libuser.conf.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-06-000067 - The system boot loader configuration file(s) must have mode 0600 or less permissive.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000068 - The system boot loader must require authentication - UEFIDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000078 - The system must implement virtual address space randomization - configDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000082 - IP forwarding for IPv4 must not be enabled, unless the system is a router - sysctlDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000086 - The system must not accept ICMPv4 secure redirect packets on any interface - sysctlDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000090 - The system must not accept ICMPv4 secure redirect packets by default - configDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000093 - The system must ignore ICMPv4 bogus error responses - sysctlDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000095 - The system must be configured to use TCP syncookies when experiencing a TCP SYN flood - configDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-06-000113 - The system must employ a local IPv4 firewall - CHKCONFIGDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000127 - The Transparent Inter-Process Communication (TIPC) protocol must be disabled unless required.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000138 - System logs must be rotated daily - RPM check.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000148 - The operating system must employ automated mechanisms to facilitate the monitoring and control of remote access methods - PROCESS_CHECK.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000154 - The operating system must produce audit records containing sufficient information to establish what type of events occurred - PROCESS_CHECK.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000167 - The audit system must be configured to audit all attempts to alter system time through settimeofday - 32 bitDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000171 - The audit system must be configured to audit all attempts to alter system time through clock_settime - 32 bitDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY