content icon indicating copy to clipboard operation
content copied to clipboard
verified publisher icon ComplianceAsCode

RHEL8 ISM O - Rules missing `ism` reference

Open mildas opened this issue 1 year ago • 0 comments

Description of problem:

When testing for missing references, a huge list of ISM O rules without ism reference has been reported:

  • audit_rules_execution_seunshare
  • package_firewalld_installed
  • auditd_name_format
  • sudo_remove_nopasswd
  • mount_option_dev_shm_noexec
  • file_ownership_binary_dirs
  • sudo_require_authentication
  • rpm_verify_hashes
  • audit_rules_login_events_faillock
  • auditd_local_events
  • sysctl_kernel_randomize_va_space
  • file_permissions_unauthorized_suid
  • audit_rules_dac_modification_chown
  • file_permissions_sshd_private_key
  • configure_ssh_crypto_policy
  • mount_option_dev_shm_nosuid
  • package_rsyslog_installed
  • file_permissions_unauthorized_sgid
  • sshd_disable_x11_forwarding
  • sudo_remove_no_authenticate
  • audit_rules_time_watch_localtime
  • no_empty_passwords
  • file_permissions_library_dirs
  • audit_rules_time_clock_settime
  • audit_rules_dac_modification_chmod
  • auditd_data_retention_flush
  • sshd_do_not_permit_user_env
  • audit_rules_login_events_lastlog
  • ensure_gpgcheck_never_disabled
  • audit_rules_time_settimeofday
  • ensure_gpgcheck_globally_activated
  • audit_rules_execution_setsebool
  • audit_rules_networkconfig_modification
  • file_permissions_binary_dirs
  • package_talk_removed
  • package_ypbind_removed
  • sshd_enable_strictmodes
  • audit_rules_time_stime
  • package_telnet_removed
  • auditd_write_logs
  • sysctl_kernel_unprivileged_bpf_disabled
  • rpm_verify_ownership
  • enable_authselect
  • network_sniffer_disabled
  • audit_rules_time_adjtimex
  • service_firewalld_enabled
  • package_quagga_removed
  • ensure_redhat_gpgkey_installed
  • audit_rules_login_events
  • package_fapolicyd_installed
  • sshd_disable_rhosts
  • audit_rules_kernel_module_loading
  • package_rsh-server_removed
  • sysctl_kernel_kexec_load_disabled
  • file_ownership_library_dirs
  • sshd_print_last_log
  • ensure_gpgcheck_local_packages
  • audit_rules_execution_restorecon
  • file_permissions_unauthorized_world_writable
  • sshd_disable_empty_passwords
  • service_telnet_disabled
  • sysctl_kernel_yama_ptrace_scope
  • audit_rules_execution_chcon
  • service_auditd_enabled
  • security_patches_up_to_date
  • sshd_set_loglevel_info
  • service_xinetd_disabled
  • service_squid_disabled
  • audit_rules_execution_semanage
  • auditd_log_format
  • package_telnet-server_removed
  • rpm_verify_permissions
  • selinux_policytype
  • service_rsyslog_enabled
  • package_rear_installed
  • dir_perms_world_writable_sticky_bits
  • audit_rules_execution_setfiles
  • audit_rules_login_events_tallylog
  • package_squid_removed
  • audit_rules_usergroup_modification
  • package_talk-server_removed
  • service_fapolicyd_enabled
  • sysctl_net_core_bpf_jit_harden
  • package_xinetd_removed
  • sysctl_kernel_dmesg_restrict
  • dnf-automatic_security_updates_only
  • sshd_disable_root_login
  • sysctl_kernel_kptr_restrict
  • usbguard_allow_hid_and_hub
  • service_avahi-daemon_disabled
  • audit_rules_sysadmin_actions
  • sshd_enable_warning_banner
  • service_zebra_disabled
  • package_rsh_removed
  • sshd_disable_user_known_hosts
  • sysctl_kernel_exec_shield
  • selinux_state
  • accounts_no_uid_except_zero
  • auditd_freq
  • mount_option_dev_shm_nodev

SCAP Security Guide Version:

master

Operating System Version:

RHEL8

mildas avatar Sep 25 '24 13:09 mildas