Guide to the Secure Configuration of Red Hat Enterprise Linux 8
Rules, Groups, and Values defined within the XCCDF Benchmark
-
net.ipv4.tcp_invalid_ratelimit
Configure the maximal rate for sending duplicate acknowledgments in response to incoming invalid TCP packets.Value -
Remove iptables-services Package
Theiptables-servicespackage can be removed with the following command:$ sudo yum erase iptables-services
Rule Medium Severity -
Strengthen the Default Ruleset
The default rules can be strengthened. The system scripts that activate the firewall rules expect them to be defined in configuration files under t...Group -
Configure the Firewalld Ports
Configure the <code>firewalld</code> ports to allow approved services to have access to the system. To configure <code>firewalld</code> to open por...Rule Medium Severity -
Firewalld Must Employ a Deny-all, Allow-by-exception Policy for Allowing Connections to Other Systems
Red Hat Enterprise Linux 8 incorporates the "firewalld" daemon, which allows for many different configurations. One of these configurations is zone...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules