Red Hat Enterprise Linux 9 Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

RHEL 9 must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services, as defined in the Ports, Protocols, and Services Management (PPSM) Category Assignments List (CAL) and vulnerability assessments.

<VulnDiscussion>To prevent unauthorized connection of devices, unauthorized transfer of information, or unauthorized tunneling (i.e., embeddi...

Rule Medium Severity

Show

SRG-OS-000480-GPOS-00227

Group

Show

RHEL 9 network interfaces must not be in promiscuous mode.

<VulnDiscussion>Network interfaces in promiscuous mode allow for the capture of all network traffic visible to the system. If unauthorized in...

Rule Medium Severity

Show

SRG-OS-000480-GPOS-00227

Group

Show

RHEL 9 must have the firewalld package installed.

<VulnDiscussion>"Firewalld" provides an easy and effective way to block/limit remote access to the system via ports, services, and protocols....

Rule Medium Severity

Show

SRG-OS-000096-GPOS-00050

Group

Show

The firewalld service on RHEL 9 must be active.

<VulnDiscussion>"Firewalld" provides an easy and effective way to block/limit remote access to the system via ports, services, and protocols....

Rule Medium Severity

Show

SRG-OS-000480-GPOS-00227

Group

Show

A RHEL 9 firewall must employ a deny-all, allow-by-exception policy for allowing connections to other systems.

<VulnDiscussion>Failure to restrict network connectivity only to authorized systems permits inbound connections from malicious systems. It al...

Rule Medium Severity

Show

SRG-OS-000420-GPOS-00186

Group

Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity

Modules