DISA STIG with GUI for Oracle Linux 7
Rules and Groups employed by this XCCDF Profile
-
Configure auditd Data Retention
The audit system writes data to <code>/var/log/audit/audit.log</code>. By default, <code>auditd</code> rotates 5 logs by size (6MB), retaining a ma...Group -
Configure audispd Plugin To Send Logs To Remote Server
Configure the audispd plugin to off-load audit records onto a different system or media from the system being audited. Set the <code>remote_server...Rule Medium Severity -
Configure audispd's Plugin disk_full_action When Disk Is Full
Configure the action the operating system takes if the disk the audit records are written to becomes full. Edit the file <code>/etc/audisp/audisp-r...Rule Medium Severity -
Encrypt Audit Records Sent With audispd Plugin
Configure the operating system to encrypt the transfer of off-loaded audit records onto a different system or media from the system being audited. ...Rule Medium Severity -
Configure audispd's Plugin network_failure_action On Network Failure
Configure the action the operating system takes if there is an error sending audit records to a remote system. Edit the file <code>/etc/audisp/audi...Rule Medium Severity -
Configure auditd to use audispd's remote logging daemon
To configure the <code>auditd</code> service to use the <code>audisp-remote</code> plug-in of the <code>audispd</code> audit event multiplexor, set...Rule Medium Severity -
Ensure the audispd's remote logging daemon direction is correct
Ensure the direction of logs in <code>audisp-remote</code> plug-in of the <code>audispd</code> audit event multiplexor is correct. Check that the <...Rule Medium Severity -
Ensure the audispd's remote logging daemon executable is correct
Ensure the executable used by <code>audisp-remote</code> plug-in of the <code>audispd</code> audit event multiplexor is correct. Check that the <co...Rule Medium Severity -
Ensure the audispd's remote logging daemon type is correct
Ensure the type used by <code>audisp-remote</code> plug-in of the <code>audispd</code> audit event multiplexor is correct. Check that the <code>typ...Rule Medium Severity -
Configure auditd mail_acct Action on Low Disk Space
The <code>auditd</code> service can be configured to send email to a designated account in certain situations. Add or correct the following line in...Rule Medium Severity -
Configure auditd space_left Action on Low Disk Space
The <code>auditd</code> service can be configured to take an action when disk space <i>starts</i> to run low. Edit the file <code>/etc/audit/auditd...Rule Medium Severity -
Configure auditd space_left on Low Disk Space
The <code>auditd</code> service can be configured to take an action when disk space is running low but prior to running out of space completely. Ed...Rule Medium Severity -
Set type of computer node name logging in audit logs
To configure Audit daemon to use a unique identifier as computer node name in the audit events, set <code>name_format</code> to <code><xccdf-1.2:su...Rule Medium Severity -
Appropriate Action Must be Setup When the Internal Audit Event Queue is Full
The audit system should have an action setup in the event the internal event queue becomes full. To setup an overflow action edit <code>/etc/audisp...Rule Medium Severity -
GRUB2 bootloader configuration
During the boot process, the boot loader is responsible for starting the execution of the kernel and passing options to it. The boot loader allows ...Group -
Non-UEFI GRUB2 bootloader configuration
Non-UEFI GRUB2 bootloader configurationGroup -
Set the Boot Loader Admin Username to a Non-Default Value
The grub2 boot loader should have a superuser account and password protection enabled to protect boot-time settings. <br><br> To maximize the prote...Rule High Severity -
Boot Loader Is Not Installed On Removeable Media
The system must not allow removable media to be used as the boot loader. Remove alternate methods of booting the system from removable media. <code...Rule Medium Severity -
Set Boot Loader Password in grub2
The grub2 boot loader should have a superuser account and password protection enabled to protect boot-time settings. <br><br> Since plaintext passw...Rule High Severity -
UEFI GRUB2 bootloader configuration
UEFI GRUB2 bootloader configurationGroup
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.