Guide to the Secure Configuration of Red Hat Enterprise Linux 7
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Disable systemd-journal-remote Socket
Journald supports the ability to receive messages from remote hosts, thus acting as a log server. Clients should not receive data from other hosts....Rule Medium Severity -
Dectivate firewalld Rules
Firewalls can be used to separate networks into different zones based on the level of trust the user has decided to place on the devices and traffi...Group -
Ensure nftables Default Deny Firewall Policy
Base chain policy is the default verdict that will be applied to packets reaching the end of the chain. There are two policies: accept (Default) an...Rule Medium Severity -
Verify that All World-Writable Directories Have Sticky Bits Set
When the so-called 'sticky bit' is set on a directory, only the owner of a given file may remove that file from the directory. Without the sticky b...Rule Medium Severity -
Ensure All Files Are Owned by a Group
If any file is not group-owned by a group present in /etc/group, the cause of the lack of group-ownership must be investigated. Following this, tho...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules