Check for JBOS-AS-000400 passing | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | |
Check for JBoss running as Standalone or Host Controller | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | |
Check for Standalone mode | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | |
DISA_STIG_RedHat_JBoss_EAP_6.3_v2r3.audit from DISA JBoss Enterprise Application Platform 6.3 v2r3 STIG | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | |
JBOS-AS-000010 - HTTP management session traffic must be encrypted. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | ACCESS CONTROL |
JBOS-AS-000015 - HTTPS must be enabled for JBoss web interfaces. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | ACCESS CONTROL |
JBOS-AS-000025 - Java permissions must be set for hosted applications. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | ACCESS CONTROL |
JBOS-AS-000030 - The Java Security Manager must be enabled for the JBoss application server - java.security.manager | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | ACCESS CONTROL |
JBOS-AS-000030 - The Java Security Manager must be enabled for the JBoss application server - java.security.policy | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | ACCESS CONTROL |
JBOS-AS-000035 - The JBoss server must be configured with Role Based Access Controls. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | ACCESS CONTROL |
JBOS-AS-000040 - Users in JBoss Management Security Realms must be in the appropriate role. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | ACCESS CONTROL |
JBOS-AS-000045 - Silent Authentication must be removed from the Default Application Security Realm. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | ACCESS CONTROL |
JBOS-AS-000050 - Silent Authentication must be removed from the Default Management Security Realm. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | ACCESS CONTROL |
JBOS-AS-000075 - JBoss management interfaces must be secured - http-interface | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | ACCESS CONTROL |
JBOS-AS-000075 - JBoss management interfaces must be secured - native-interface | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | ACCESS CONTROL |
JBOS-AS-000080 - The JBoss server must generate log records for access and authentication events to the management interface. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
JBOS-AS-000085 - JBoss must be configured to allow only the ISSM (or individuals or roles appointed by the ISSM) to select which loggable events are to be logged. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
JBOS-AS-000095 - JBoss must be configured to initiate session logging upon startup. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
JBOS-AS-000105 - JBoss must be configured to log the IP address of the remote system connecting to the JBoss system/cluster. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
JBOS-AS-000110 - JBoss must be configured to produce log records containing information to establish what type of events occurred. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
JBOS-AS-000115 - JBoss Log Formatter must be configured to produce log records that establish the date and time the events occurred. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
JBOS-AS-000130 - The application server must produce log records that contain sufficient information to establish the outcome of events. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
JBOS-AS-000165 - File permissions must be configured to protect log information from any type of unauthorized read access. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
JBOS-AS-000195 - JBoss log records must be off-loaded onto a different system or system component a minimum of every seven days. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
JBOS-AS-000220 - JBoss process owner interactive access must be restricted - /etc/passwd shell | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
JBOS-AS-000220 - JBoss process owner interactive access must be restricted - ssh DenyUsers | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
JBOS-AS-000230 - JBoss process owner execution permissions must be limited. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
JBOS-AS-000235 - JBoss QuickStarts must be removed - JBoss QuickStarts must be removed. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
JBOS-AS-000240 - Remote access to JMX subsystem must be disabled. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
JBOS-AS-000245 - Welcome Web Application must be disabled - Welcome Web Application must be disabled. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
JBOS-AS-000250 - Any unapproved applications must be removed - Any unapproved applications must be removed. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
JBOS-AS-000255 - JBoss application and management ports must be approved by the PPSM CAL. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
JBOS-AS-000265 - The JBoss Server must be configured to use certificates to authenticate admins. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
JBOS-AS-000275 - The JBoss server must be configured to use individual accounts and not generic or shared accounts. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
JBOS-AS-000285 - The JBoss server must be configured to bind the management interfaces to only management networks. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
JBOS-AS-000295 - The JBoss Password Vault must be used for storing passwords or other sensitive configuration information - vault | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
JBOS-AS-000295 - The JBoss Password Vault must be used for storing passwords or other sensitive configuration information - vault-option | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
JBOS-AS-000305 - LDAP enabled security realm value allow-empty-passwords must be set to false. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
JBOS-AS-000355 - The JBoss server must separate hosted application functionality from application server management functionality. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
JBOS-AS-000400 - JBoss file permissions must be configured to protect the confidentiality and integrity of application files. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
JBOS-AS-000475 - The application server must prevent non-privileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | ACCESS CONTROL |
JBOS-AS-000550 - Production JBoss servers must log when failed application deployments occur. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
JBOS-AS-000555 - Production JBoss servers must log when successful application deployments occur. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
JBOS-AS-000640 - The JBoss server, when hosting mission critical applications, must be in a high-availability (HA) cluster. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
JBOS-AS-000650 - JBoss must be configured to use an approved TLS version. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
JBOS-AS-000655 - JBoss must be configured to use an approved cryptographic algorithm in conjunction with TLS. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
JBOS-AS-000695 - JBoss must be configured to generate log records when successful/unsuccessful attempts to delete privileges occur. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
JBOS-AS-000700 - JBoss must be configured to generate log records when successful/unsuccessful logon attempts occur. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
JBOS-AS-000710 - JBoss must be configured to generate log records that show starting and ending times for access to the application server management interface. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
RedHat/CentOS 5 is installed | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | |