STIG rules for RHEL6 addressed with restrictions

The following section details the STIG rules for Red Hat Enterprise Linux (RHEL) 6 that have been successfully addressed in BMC Discovery 11.0 but have restrictions.

Note

The table provides links to STIG rule descriptions and details on the STIGviewer website. STIGviewer provides an online, searchable index of Public Domain STIG content, though is not related to DISA. Its content may not be up to date.

Rule number

Description

RHEL-06-000003 V-38463

The system must use a separate file system for /var/log.
Note — Only applicable to systems kickstarted in 11.0 or later or upgraded from systems kickstarted in 9.0.2 or later.

RHEL-06-000004 V-38467

The system must use a separate file system for the system audit data path.
Note — Only applicable to systems kickstarted in 11.0 or upgraded from systems kickstarted in 9.0.2 or later.

RHEL-06-000349 V-38595

The system must be configured to require the use of a CAC, PIV compliant hardware token, or Alternate Logon Token (ALT) for authentication.
Note — By default, CAC, PIV compliant hardware tokens, and Alternate Logon Tokens (ALT) are not supported authentication mechanisms. BMC Discovery can be configured to use BMC Atrium SSO which connects to the authentication mechanism being used.

RHEL-06-000518 V-38452

Permissions of files should match the permissions expected in the RPM database.
Note — During the application of STIG rule configurations we change the permissions of various files, particularly removing setuid of root, and these files will appear during this test.

Was this page helpful? Yes No Submitting... Thank you

Comments