Red Hat Enterprise Linux 9 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
RHEL 9 must not have the sendmail package installed.
<VulnDiscussion>The sendmail software was not developed with security in mind, and its design prevents it from being effectively contained by...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
RHEL 9 must not have the nfs-utils package installed.
<VulnDiscussion>"nfs-utils" provides a daemon for the kernel NFS server and related tools. This package also contains the "showmount" program...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
RHEL 9 must not have the ypserv package installed.
<VulnDiscussion>The NIS service provides an unencrypted authentication service, which does not provide for the confidentiality and integrity ...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
RHEL 9 must not have the rsh-server package installed.
<VulnDiscussion>The "rsh-server" service provides unencrypted remote access service, which does not provide for the confidentiality and integ...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
RHEL 9 must not have the telnet-server package installed.
<VulnDiscussion>It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission ob...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
RHEL 9 must not have the gssproxy package installed.
<VulnDiscussion>It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission ob...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
RHEL 9 must not have the iprutils package installed.
<VulnDiscussion>It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission ob...Rule Medium Severity -
SRG-OS-000095-GPOS-00049
<GroupDescription></GroupDescription>Group -
RHEL 9 must not have the tuned package installed.
<VulnDiscussion>It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission ob...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
RHEL 9 must not have a Trivial File Transfer Protocol (TFTP) server package installed.
<VulnDiscussion>Removing the "tftp-server" package decreases the risk of the accidental (or intentional) activation of tftp services. If TFT...Rule High Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
RHEL 9 must not have the quagga package installed.
<VulnDiscussion>Quagga is a network routing software suite providing implementations of Open Shortest Path First (OSPF), Routing Information ...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.