hardening-script-el6
hardening-script-el6 copied to clipboard
fcaviggia
DISA STIG/USGCB/NSA SNAC Hardening Scripts for Red Hat Enterprise Linux 6
I am unable to ssh remotely unless coming from same subnet. Please advise me of fix action or things to try
The audit.rules file that is currently in this repo does not work with well with RHEL 6.8 deployments. Something has changed in that my workstations are often times experiencing kernel...
There is a lot of code to remove non FIPS compliant hashing algorithms from aide.conf in aide_hash_algorithims.sh however it ignores the default rule R which uses md5: `#R: p+ftupe+i+l+n+u+g+s+m+c+md5`. A...
Should we change CCE-27593-3-snmpd_not_default_password.sh to pull the password from /dev/random instead of having a different hardcoded default?
When can we get a new build of the current changes to test out? The latest release has an error in the MAC line for sshd_config which prevents the service...
The toggle_ipv6 script doesn't seem to toggle the ipv6. I think that this is due to the "install ipv6 /bin/false" in the blacklist (placed by misc/blacklist.sh) not being commented out...
I've configured a RHEL 6 box with Oracle HTTPD (and an oracle app) that continuously suffers from kernel panic. Majority of the audit events are similar to below. type=SYSCALL msg=audit(1443487841.513:2456187):...
I just got on AWS and was wondering if the AWS scripts will be done soon or if it would probably be faster to just manually STIG my instances. Thanks!
I sent an email about this, but haven't heard back. Do you have info on how to modify the disk encryption options, or have the LUKS password automatically entered? I'd...
This may not be an issue and perhaps is intended behavior. When you uninstall the stig-fix rpm it appears to revert the changes to the system. Is there a way...