An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2024
Xylok, LLC
Version: v2024.10.3-0fa4-8a67
Xylok
Home Menu
info@xylok.io
© 2024
Xylok, LLC
Version: v2024.10.3-0fa4-8a67
Open sidebar
Navigate
Top
Search
Checks (
244
)
Print
Changes
Pages (
14/17
)
Red Hat Enterprise Linux 7 STIG
Red Hat Enterprise Linux 7 Security Technical Implementation Guide
v3 r14 (Released Jan. 24, 2024)
v3 r13 (Released Oct. 25, 2023)
v3 r12 (Released July 26, 2023)
v3 r11 (Released April 27, 2023)
v3 r10 (Released Jan. 26, 2023)
v3 r9 (Released Oct. 26, 2022)
v3 r8 (Released July 27, 2022)
v3 r7 (Released April 27, 2022)
v3 r6 (Released Jan. 27, 2022)
v3 r5 (Released Oct. 27, 2021)
v3 r4 (Released July 23, 2021)
v3 r3 (Released April 23, 2021)
v3 r2 (Released Jan. 22, 2021)
v3 r1 (Released Oct. 23, 2020)
v2 r8 (Released July 24, 2020)
v2 r7 (Released April 24, 2020)
v3 r0.3 (Released March 31, 2020)
v2 r6 (Released Jan. 24, 2020)
v2 r5 (Released Oct. 25, 2019)
v2 r4 (Released July 26, 2019)
v2 r3 (Released April 26, 2019)
v2 r2 (Released Jan. 25, 2019)
v2 r1 (Released July 27, 2018)
v1 r4 (Released Jan. 26, 2018)
v1 r3 (Released Oct. 27, 2017)
v1 r2 (Released July 28, 2017)
v1 r1 (Released Feb. 27, 2017)
ID
Vuln ID
Title
Cat
Status
RHEL-07-040340
V-204589
The Red Hat Enterprise Linux operating system must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.
Cat II
RHEL-07-040350
V-204590
The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon does not allow authentication using rhosts authentication.
Cat II
RHEL-07-040360
V-204591
The Red Hat Enterprise Linux operating system must display the date and time of the last successful account logon upon an SSH logon.
Cat II
RHEL-07-040370
V-204592
The Red Hat Enterprise Linux operating system must not permit direct logons to the root account using remote access via SSH.
Cat II
RHEL-07-040380
V-204593
The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon does not allow authentication using known hosts authentication.
Cat II
RHEL-07-040390
V-204594
The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon is configured to only use the SSHv2 protocol.
Cat I
RHEL-07-040400
V-204595
The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon is configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms.
Cat II
RHEL-07-040410
V-204596
The Red Hat Enterprise Linux operating system must be configured so that the SSH public host key files have mode 0644 or less permissive.
Cat II
RHEL-07-040420
V-204597
The Red Hat Enterprise Linux operating system must be configured so that the SSH private host key files have mode 0640 or less permissive.
Cat II
RHEL-07-040430
V-204598
The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon does not permit Generic Security Service Application Program Interface (GSSAPI) authentication unless needed.
Cat II
RHEL-07-040440
V-204599
The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon does not permit Kerberos authentication unless needed.
Cat II
RHEL-07-040450
V-204600
The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon performs strict mode checking of home directory configuration files.
Cat II
RHEL-07-040460
V-204601
The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon uses privilege separation.
Cat II
RHEL-07-040470
V-204602
The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon does not allow compression or only allows compression after successful authentication.
Cat II
RHEL-07-040500
V-204603
The Red Hat Enterprise Linux operating system must, for networked systems, synchronize clocks with a server that is synchronized to one of the redundant United States Naval Observatory (USNO) time servers, a time server designated for the appropriate DoD network (NIPRNet/SIPRNet), and/or the Global Positioning System (GPS).
Cat II
Prev
1...
10
11
12
13
14
15
16
17
Next
Print
Display this benchmark in a printer-friendly format for off-line reference. This display does not include any commands.
Version Changes
If there are multiple versions of this benchmark, Xylok can display the differences between any changes in the checks.