Check for Unconfined Daemons
Details Daemons that are not defined in SELinux policy will inherit the security context of their parent process. Rationale: Since...
- Home
- Security Hardening
- CIS Red Hat Enterprise Linux 5 L2 V2.2 1
CIS Red Hat Enterprise Linux 5 L2 V2.2 1
Collect Login and Logout Events – /var/log/btmp
Details Monitor login and logout events. The parameters below track changes to files associated with login/logout events. The file /var/log/faillog...Collect Login and Logout Events – /var/log/faillog
Details Monitor login and logout events. The parameters below track changes to files associated with login/logout events. The file /var/log/faillog...Collect Login and Logout Events – /var/log/lastlog
Details Monitor login and logout events. The parameters below track changes to files associated with login/logout events. The file /var/log/faillog...Collect Login and Logout Events – /var/log/tallylog
Details Monitor login and logout events. The parameters below track changes to files associated with login/logout events. The file /var/log/faillog...Configure Audit Log Storage Size
Details Configure the maximum size of the audit log file. Once the log reaches the maximum size, it will be...Disable MCS Translation Service (mcstrans)
Details The mcstransd daemon provides category label information to client processes requesting information. The label translations are defined in /etc/selinux/targeted/setrans.conf...Disable Mounting of cramfs Filesystems – install cramfs /bin/true’
Details The cramfs filesystem type is a compressed read-only Linux filesystem embedded in small footprint systems. A cramfs image can...Disable Mounting of freevxfs Filesystems – install freevxfs /bin/true’
Details The freevxfs filesystem type is a free version of the Veritas type filesystem. This is the primary filesystem type...Disable Mounting of hfs Filesystems – install hfs /bin/true’
Details The hfs filesystem type is a hierarchical filesystem that allows you to mount Mac OS filesystems. Rationale: Removing support...