DISA STIG for Red Hat Enterprise Linux 9
Rules and Groups employed by this XCCDF Profile
-
Verify Owner on cron.deny
To properly set the owner of/etc/cron.deny, run the command:$ sudo chown root /etc/cron.deny
Rule Medium Severity -
The s-nail Package Is Installed
A mail server is required for sending emails. Thes-nailpackage can be installed with the following command:$ sudo dnf install s-nail
Rule Medium Severity -
Ensure All User Initialization Files Have Mode 0740 Or Less Permissive
Set the mode of the user initialization files, including the <code>root</code> user, to <code>0740</code> with the following commands: <pre> $ sudo chmod 0740 /root/.<i>INIT_FILE</i> $ sudo chmod 0...Rule Medium Severity -
The File /etc/ssh/sshd_config.d/50-redhat.conf Must Exist
The/etc/ssh/sshd_config.d/50-redhat.conffile must exist as it contains important settings to secure SSH.Rule Medium Severity -
SSHD Must Include System Crypto Policy Config File
SSHD should follow the system cryptographic policy. In order to accomplish this the SSHD configuration should include the systemRule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules