Skip to content

CIS Red Hat Enterprise Linux 7 Benchmark for Level 2 - Workstation

Rules and Groups employed by this XCCDF Profile

  • Uninstall rsync Package

    The rsyncd service can be used to synchronize files between systems over network links. The <code>rsync</code> package can be removed with the foll...
    Rule Medium Severity
  • Xinetd

    The <code>xinetd</code> service acts as a dedicated listener for some network services (mostly, obsolete ones) and can be used to provide access co...
    Group
  • Uninstall xinetd Package

    The xinetd package can be removed with the following command:
    $ sudo yum erase xinetd
    Rule Low Severity
  • NIS

    The Network Information Service (NIS), also known as 'Yellow Pages' (YP), and its successor NIS+ have been made obsolete by Kerberos, LDAP, and oth...
    Group
  • Remove NIS Client

    The Network Information Service (NIS), formerly known as Yellow Pages, is a client-server directory service protocol used to distribute system conf...
    Rule Unknown Severity
  • Uninstall ypserv Package

    The ypserv package can be removed with the following command:
    $ sudo yum erase ypserv
    Rule High Severity
  • Rlogin, Rsh, and Rexec

    The Berkeley r-commands are legacy services which allow cleartext remote access and have an insecure trust model.
    Group
  • Remove Rsh Trust Files

    The files <code>/etc/hosts.equiv</code> and <code>~/.rhosts</code> (in each user's home directory) list remote hosts and users that are trusted by ...
    Rule High Severity
  • Telnet

    The telnet protocol does not provide confidentiality or integrity for information transmitted on the network. This includes authentication informat...
    Group
  • Uninstall telnet-server Package

    The telnet-server package can be removed with the following command:
    $ sudo yum erase telnet-server
    Rule High Severity
  • Remove telnet Clients

    The telnet client allows users to start connections to other systems via the telnet protocol.
    Rule Low Severity
  • TFTP Server

    TFTP is a lightweight version of the FTP protocol which has traditionally been used to configure networking equipment. However, TFTP provides littl...
    Group
  • Uninstall tftp-server Package

    The tftp-server package can be removed with the following command:
     $ sudo yum erase tftp-server
    Rule High Severity
  • Remove tftp Daemon

    Trivial File Transfer Protocol (TFTP) is a simple file transfer protocol, typically used to automatically transfer configuration or boot files betw...
    Rule Low Severity
  • Proxy Server

    A proxy server is a very desirable target for a potential adversary because much (or all) sensitive data for a given infrastructure may flow throug...
    Group
  • Disable Squid if Possible

    If Squid was installed and activated, but the system does not need to act as a proxy server, then it should be disabled and removed.
    Group
  • Uninstall squid Package

    The squid package can be removed with the following command:
     $ sudo yum erase squid
    Rule Unknown Severity
  • Samba(SMB) Microsoft Windows File Sharing Server

    When properly configured, the Samba service allows Linux systems to provide file and print sharing to Microsoft Windows systems. There are two soft...
    Group
  • Disable Samba if Possible

    Even after the Samba server package has been installed, it will remain disabled. Do not enable this service unless it is absolutely necessary to pr...
    Group
  • Uninstall Samba Package

    The samba package can be removed with the following command:
     $ sudo yum erase samba
    Rule Unknown Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules