Skip to content
ATO Pathways
  Log In

Guide to the Secure Configuration of Red Hat Enterprise Linux 10

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The Chrony package is installed

    System time should be synchronized between all systems in an environment. This is typically done by establishing an authoritative time server or se...
    Rule Medium Severity
    Show

  • Uninstall tftp-server Package

    The tftp-server package can be removed with the following command: 
     $ sudo dnf remove tftp-server
    Rule High Severity
    Show

  • Remove tftp Daemon

    Trivial File Transfer Protocol (TFTP) is a simple file transfer protocol, typically used to automatically transfer configuration or boot files betw...
    Rule Low Severity
    Show

  • Ensure tftp systemd Service Uses Secure Mode

    If running the Trivial File Transfer Protocol (TFTP) service is necessary, it should be configured to change its root directory at startup. To do s...
    Rule Medium Severity
    Show

  • Print Support

    The Common Unix Printing System (CUPS) service provides both local and network printing support. A system running the CUPS service can accept print...
    Group
    Show

  • Disable the CUPS Service

    The cups service can be disabled with the following command: 
    $ sudo systemctl mask --now cups.service
    Rule Unknown Severity
    Show

  • Proxy Server

    A proxy server is a very desirable target for a potential adversary because much (or all) sensitive data for a given infrastructure may flow throug...
    Group
    Show

  • Disable Squid if Possible

    If Squid was installed and activated, but the system does not need to act as a proxy server, then it should be disabled and removed.
    Group
    Show

  • Uninstall squid Package

    The squid package can be removed with the following command: 
     $ sudo dnf remove squid
    Rule Unknown Severity
    Show

  • Disable Squid

    The squid service can be disabled with the following command: 
    $ sudo systemctl mask --now squid.service
    Rule Unknown Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules