Skip to content

CIS Red Hat Enterprise Linux 8 Benchmark for Level 1 - Server

Rules and Groups employed by this XCCDF Profile

  • Use Only FIPS 140-2 Validated Ciphers

    Limit the ciphers to those algorithms which are FIPS-approved. Counter (CTR) mode is also preferred over cipher-block chaining (CBC) mode. The foll...
    Rule Medium Severity
  • Ensure Authentication Required for Single User Mode

    Single user mode is used for recovery when the system detects an issue during boot or by manual selection from the bootloader.
    Rule Medium Severity
  • Configure Firewalld to Restrict Loopback Traffic

    Configure <code>firewalld</code> to restrict loopback traffic to the <code>lo</code> interface. The loopback traffic must be trusted by assigning ...
    Rule Medium Severity
  • Configure Firewalld to Trust Loopback Traffic

    Assign loopback interface to the <code>firewalld</code> <code>trusted</code> zone in order to explicitly allow the loopback traffic in the system. ...
    Rule Medium Severity
  • Verify Permissions and Ownership of Old Passwords File

    To properly set the owner of <code>/etc/security/opasswd</code>, run the command: <pre>$ sudo chown root /etc/security/opasswd </pre> To properly ...
    Rule Medium Severity
  • Verify Group Who Owns /etc/shells File

    To properly set the group owner of /etc/shells, run the command:
    $ sudo chgrp root /etc/shells
    Rule Medium Severity
  • Verify Who Owns /etc/shells File

    To properly set the owner of /etc/shells, run the command:
    $ sudo chown root /etc/shells 
    Rule Medium Severity
  • Verify Permissions on /etc/shells File

    To properly set the permissions of /etc/shells, run the command:
    $ sudo chmod 0644 /etc/shells
    Rule Medium Severity
  • Ensure that /etc/cron.allow exists

    The file /etc/cron.allow should exist and should be used instead of /etc/cron.deny.
    Rule Medium Severity
  • Remove ftp Package

    FTP (File Transfer Protocol) is a traditional and widely used standard tool for transferring files between a server and clients over a network, esp...
    Rule Low Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules