Skip to content
ATO Pathways
  Log In

Guide to the Secure Configuration of Red Hat Enterprise Linux 7

Rules, Groups, and Values defined within the XCCDF Benchmark

  • NetoworkManager DNS Mode

    This sets how NetworkManager handles DNS. none - NetworkManager will not modify resolv.conf. default - NetworkManager will update /etc/resolv.con...
    Value
    Show

  • Allow IMAP Clients to Access the Server

    The default <code>firewalld</code> configuration does not allow inbound access to any services. This modification will allow remote hosts to initi...
    Group
    Show

  • Uninstall cyrus-imapd Package

    The cyrus-imapd package can be removed with the following command: 
    $ sudo yum erase cyrus-imapd
    Rule Unknown Severity
    Show

  • 389 Directory Server

    389 Directory Server is a popular open-source LDAP server for Linux.
    Group
    Show

  • Uninstall 389-ds-base Package

    The 389-ds-base RPM is not installed by default on a Red Hat Enterprise Linux 7 system. It is needed only by the 389-ds server, not by the clients ...
    Rule Low Severity
    Show

  • Disable ypserv Service

    The <code>ypserv</code> service, which allows the system to act as a client in a NIS or NIS+ domain, should be disabled. The <code>ypserv</code> s...
    Rule Medium Severity
    Show

  • SSH Strong MACs by FIPS

    Specify the FIPS approved MACs (Message Authentication Code) algorithms that are used for data integrity protection by the SSH server.
    Value
    Show

  • Remove SSH Server firewalld Firewall exception (Unusual)

    By default, inbound connections to SSH's port are allowed. If the SSH server is not being used, this exception should be removed from the firewall ...
    Rule Unknown Severity
    Show

  • Verify File Hashes with RPM

    Without cryptographic integrity protections, system executables and files can be altered by unauthorized users without detection. The RPM package m...
    Rule High Severity
    Show

  • Ensure /dev/shm is configured

    The <code>/dev/shm</code> is a traditional shared memory concept. One program will create a memory portion, which other processes (if permitted) ca...
    Rule Low Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules