Check: RHEL-06-000290
Red Hat Enterprise Linux 6 STIG:
RHEL-06-000290
(in versions v2 r2 through v1 r14)
Title
X Windows must not be enabled unless required. (Cat II impact)
Discussion
Unnecessary services should be disabled to decrease the attack surface of the system.
Check Content
To verify the default runlevel is 3, run the following command:

    # grep initdefault /etc/inittab

The output should show the following:

    id:3:initdefault:

If it does not, this is a finding.
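The check above as a scripted audit, added here as an example that is not part of the STIG text: it parses the colon-separated inittab fields, skips commented-out lines (which a plain `grep initdefault` also prints), and treats a missing, duplicated, or non-3 entry as a finding. The function names `initdefault_levels` and `check_runlevel` and the sample file contents are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: audit the default runlevel in an inittab-format file.
# inittab fields are  id:runlevels:action:process

# Print the runlevel field of every active (uncommented) initdefault entry,
# one per line. Commented lines are skipped.
initdefault_levels() {
    awk -F: '/^[ \t]*#/ { next } $3 == "initdefault" { print $2 }' "$1"
}

# Return 0 (not a finding) only when exactly one active initdefault entry
# exists and its runlevel is 3. Return 1 for a finding, 2 if unreadable.
check_runlevel() {
    file=${1:-/etc/inittab}
    [ -r "$file" ] || { echo "FINDING: cannot read $file"; return 2; }
    levels=$(initdefault_levels "$file")
    if [ "$levels" = "3" ]; then
        echo "PASS: default runlevel is 3"
        return 0
    fi
    # Collapse multiple entries onto one line for the report.
    echo "FINDING: active initdefault runlevel(s):" $(echo ${levels:-none})
    return 1
}

# Constructed sample: a commented-out runlevel-3 line next to an active
# runlevel-5 entry. grep would show both lines; only the second counts.
sample=$(mktemp)
printf '%s\n' '# id:3:initdefault:' 'id:5:initdefault:' > "$sample"
check_runlevel "$sample" || true
rm -f "$sample"
```

Call `check_runlevel` with no argument to audit `/etc/inittab` on the host itself.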
Fix Text
Setting the system's runlevel to 3 will prevent automatic startup of the X server. To do so, ensure the following line in "/etc/inittab" features a "3" as shown:

    id:3:initdefault:
Additional Identifiers
Rule ID: SV-218040r603264_rule
Vulnerability ID: V-218040
Group Title: SRG-OS-000095
CCIs
Number | Definition |
---|---|
CCI-000072 | The organization ensures that users protect information about remote access mechanisms from unauthorized use and disclosure. |
CCI-000381 | The organization configures the information system to provide only essential capabilities. |
CCI-000382 | The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services. |
CCI-001436 | The organization disables organization-defined networking protocols within the information system deemed to be nonsecure except for explicitly identified components in support of specific operational requirements. |