Guide to the Secure Configuration of Red Hat Enterprise Linux 8
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Randomize slab freelist
Randomizes the freelist order used on creating new pages. This configuration is available from kernel 5.9, but may be available if backported by di...Rule Medium Severity -
SSH Strong MACs by FIPS
Specify the FIPS approved MACs (Message Authentication Code) algorithms that are used for data integrity protection by the SSH server.Value -
Remove SSH Server firewalld Firewall exception (Unusual)
By default, inbound connections to SSH's port are allowed. If the SSH server is not being used, this exception should be removed from the firewall ...Rule Unknown Severity -
Enable SSH Server firewalld Firewall Exception
If the SSH server is in use, inbound connections to SSH's port should be allowed to permit remote access through SSH. In more restrictive firewalld...Rule Medium Severity -
Use Only Strong Key Exchange algorithms
Limit the Key Exchange to strong algorithms. The following line in <code>/etc/ssh/sshd_config</code> demonstrates use of those: <pre>KexAlgorithms ...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules