DRAFT - DISA STIG for Red Hat Enterprise Linux 10
Rules and Groups employed by this XCCDF Profile
-
Configure Time Service Maxpoll Interval
The <code>maxpoll</code> should be configured to <xccdf-1.2:sub idref="xccdf_org.ssgproject.content_value_var_time_service_set_maxpoll" use="legacy"></xccdf-1.2:sub> in <code>/etc/ntp.conf</code> o...Rule Medium Severity -
Ensure Chrony is only configured with the server directive
Check that Chrony only has time sources configured with theserverdirective.Rule Medium Severity -
Obsolete Services
This section discusses a number of network-visible services which have historically caused problems for system security, and for which disabling or severely limiting the service has been the best a...Group -
Rlogin, Rsh, and Rexec
The Berkeley r-commands are legacy services which allow cleartext remote access and have an insecure trust model.Group -
Remove Host-Based Authentication Files
The <code>shosts.equiv</code> file lists remote hosts and users that are trusted by the local system. To remove these files, run the following command to delete them from any location: <pre>$ sudo ...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules