Ensure separate partition exists for /var
Details The /var directory is used by daemons and other system services to temporarily store dynamic data. Some directories created...
- Home
- Security Hardening
- CIS Oracle Linux 7 Workstation L2 V3.1.1
CIS Oracle Linux 7 Workstation L2 V3.1.1
Ensure separate partition exists for /var/log
Details The /var/log directory is used by system services to store log data. Rationale: There are two important reasons to...Ensure separate partition exists for /var/log/audit
Details The auditing daemon, auditd , stores log data in the /var/log/audit directory. Rationale: There are two important reasons to...Ensure separate partition exists for /var/tmp
Details The /var/tmp directory is a world-writable directory used for temporary storage by all users and some applications and is...Ensure system is disabled when audit logs are full – ‘action_mail_acct = root’
Details The auditd daemon can be configured to halt the system when the audit logs are full. Rationale: In high...Ensure system is disabled when audit logs are full – ‘admin_space_left_action = halt’
Details The auditd daemon can be configured to halt the system when the audit logs are full. Rationale: In high...Ensure system is disabled when audit logs are full – ‘space_left_action = email’
Details The auditd daemon can be configured to halt the system when the audit logs are full. Rationale: In high...Ensure the SELinux mode is enforcing – /etc/selinux/config
Details SELinux can run in one of three modes: disabled, permissive, or enforcing: Enforcing – Is the default, and recommended,...Ensure the SELinux mode is enforcing – getenforce
Details SELinux can run in one of three modes: disabled, permissive, or enforcing: Enforcing – Is the default, and recommended,...Ensure wireless interfaces are disabled
Details Wireless networking is used when wired networks are unavailable. Rationale: If wireless is not to be used, wireless devices...