Skip to content

DISA STIG with GUI for Red Hat Enterprise Linux 8

Rules and Groups employed by this XCCDF Profile

  • Disable chrony daemon from acting as server

    The <code>port</code> option in <code>/etc/chrony.conf</code> can be set to <code>0</code> to make chrony daemon to never open any listening port f...
    Rule Low Severity
  • Disable network management of chrony daemon

    The <code>cmdport</code> option in <code>/etc/chrony.conf</code> can be set to <code>0</code> to stop chrony daemon from listening on the UDP port ...
    Rule Low Severity
  • Configure Time Service Maxpoll Interval

    The <code>maxpoll</code> should be configured to <xccdf-1.2:sub idref="xccdf_org.ssgproject.content_value_var_time_service_set_maxpoll" use="legacy...
    Rule Medium Severity
  • Ensure Chrony is only configured with the server directive

    Check that Chrony only has time sources configured with the server directive.
    Rule Medium Severity
  • Obsolete Services

    This section discusses a number of network-visible services which have historically caused problems for system security, and for which disabling or...
    Group

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules