Ensure events that modify user/group information are collected – rules.d /etc/security/opasswd
Details Record events affecting the group , passwd (user IDs), shadow and gshadow (passwords) or /etc/security/opasswd (old passwords, based on...
- Home
- Security Hardening
- CIS Oracle Linux 6 Server L2 V2.0.0
CIS Oracle Linux 6 Server L2 V2.0.0
Ensure events that modify user/group information are collected – rules.d /etc/shadow
Details Record events affecting the group , passwd (user IDs), shadow and gshadow (passwords) or /etc/security/opasswd (old passwords, based on...Ensure GNOME Display Manager is removed
Details The GNOME Display Manager (GDM) is a program that manages graphical display servers and handles graphical user logins. Rationale:...Ensure separate partition exists for /home
Details The /home directory is used to support disk storage needs of local users. Rationale: If the system is intended...Ensure separate partition exists for /var
Details The /var directory is used by daemons and other system services to temporarily store dynamic data. Some directories created...Ensure separate partition exists for /var/log
Details The /var/log directory is used by system services to store log data . Rationale: There are two important reasons...Ensure separate partition exists for /var/log/audit
Details The auditing daemon, auditd , stores log data in the /var/log/audit directory. Rationale: There are two important reasons to...Ensure separate partition exists for /var/tmp
Details The /var/tmp directory is a world-writable directory used for temporary storage by all users and some applications. Rationale: Since...Ensure system is disabled when audit logs are full – ‘action_mail_acct = root’
Details The auditd daemon can be configured to halt the system when the audit logs are full. Rationale: In high...Ensure system is disabled when audit logs are full – ‘admin_space_left_action = halt’
Details The auditd daemon can be configured to halt the system when the audit logs are full. Rationale: In high...