Guide to the Secure Configuration of Red Hat Enterprise Linux 7
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Uninstall dnsmasq Package
dnsmasq is a lightweight tool that provides DNS caching, DNS forwarding and DHCP (Dynamic Host Configuration Protocol) services. <br> The <code>dns...Rule Low Severity -
Remove ftp Package
FTP (File Transfer Protocol) is a traditional and widely used standard tool for transferring files between a server and clients over a network, esp...Rule Low Severity -
Configure Firewalls to Protect the FTP Server
By default, <code>firewalld</code> blocks access to the ports used by the web server. To configure <code>firewalld</code> to allow <code>ftp</co...Rule Unknown Severity -
Uninstall nginx Package
Thenginxpackage can be removed with the following command:$ sudo yum erase nginx
Rule Unknown Severity -
Configure firewall to Allow Access to the Web Server
By default, <code>firewalld</code> blocks access to the ports used by the web server. To configure <code>firewalld</code> to allow <code>http</co...Rule Low Severity -
Enable SSH Server firewalld Firewall Exception
If the SSH server is in use, inbound connections to SSH's port should be allowed to permit remote access through SSH. In more restrictive firewalld...Rule Medium Severity -
Use Only Strong MACs
Limit the MACs to strong hash algorithms. The following line in <code>/etc/ssh/sshd_config</code> demonstrates use of those MACs: <pre>MACs <xccdf-...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules