Skip to content

Guide to the Secure Configuration of Red Hat Enterprise Linux 8

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Enable syslog-ng Service

    The <code>syslog-ng</code> service (in replacement of rsyslog) provides syslog-style logging by default on Debian. The <code>syslog-ng</code> serv...
    Rule Medium Severity
  • Enable rsyslog to Accept Messages via TCP, if Acting As Log Server

    The <code>rsyslog</code> daemon should not accept remote messages unless the system acts as a log server. If the system needs to act as a central l...
    Rule Unknown Severity
  • Enable rsyslog to Accept Messages via UDP, if Acting As Log Server

    The <code>rsyslog</code> daemon should not accept remote messages unless the system acts as a log server. If the system needs to act as a central l...
    Rule Unknown Severity
  • Ensure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server

    The <code>rsyslog</code> daemon should not accept remote messages unless the system acts as a log server. To ensure that it is not listening on the...
    Rule Medium Severity
  • deny_ptrace SELinux Boolean

    default - Default SELinux boolean setting.
    on - SELinux boolean is enabled.
    off - SELinux boolean is disabled.
    Value

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules