
added 030310,030320,030321,030340, and 030350

020630-040160
Kremo 1 year ago
parent
commit
6c45579015
  1. 16
      README.md
  2. 55
      roles/disa-v2r6/tasks/main.yml

16
README.md

@ -32,7 +32,7 @@ This is heavily based on the [MindPointGroup/RHEL7-STIG](https://github.com/Mind
| CAT-II | V-72031 | RHEL-07-020700 |
| CAT-II | V-72033 | RHEL-07-020710 |
| CAT-II | V-72035 | RHEL-07-020720 |
| CAT-II | V-72037 | RHEL-07-020730 | Might be able to automate
| CAT-II | V-72037 | RHEL-07-020730 |
| CAT-II | V-72039 | RHEL-07-020900 |
| CAT-II | V-72043 | RHEL-07-021010 |
| CAT-II | V-72045 | RHEL-07-021020 |
@ -46,17 +46,13 @@ This is heavily based on the [MindPointGroup/RHEL7-STIG](https://github.com/Mind
| CAT-III | V-72061 | RHEL-07-021320 |
| CAT-III | V-72063 | RHEL-07-021330 |
| CAT-III | V-72065 | RHEL-07-021340 |
| CAT-I | V-72067 | RHEL-07-021350 |
| CAT-I | V-72067 | RHEL-07-021350 | mindpoint copies over a golden grub config
| CAT-III | V-72069 | RHEL-07-021600 |
| CAT-III | V-72071 | RHEL-07-021610 |
| CAT-II | V-72073 | RHEL-07-021620 |
| CAT-II | V-72075 | RHEL-07-021700 |
| CAT-I | V-72213 | RHEL-07-032000 |
| CAT-II | V-72219 | RHEL-07-040100 |
| CAT-I | V-72213 | RHEL-07-032000 | AV software (S2CD uses clamav)
| CAT-II | V-72219 | RHEL-07-040100 | Firewall rules
| CAT II | V-72081 | RHEL-07-030010 | can be changed to f1 for availability
| CAT II | V-72083 | RHEL-07-030300 |
| CAT II | V-72087 | RHEL-07-030320 |
| CAT II | V-72063 | RHEL-07-030321 |
| CAT II | V-72089 | RHEL-07-030330 |
| CAT II | V-72091 | RHEL-07-030340 |
| CAT II | V-72093 | RHEL-07-030350 |
| CAT II | V-72083 | RHEL-07-030300 | dont know logging solution
| CAT II | V-72089 | RHEL-07-030330 | dont know partition size
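Review bot: the notes on the RHEL-07-030300 and RHEL-07-030330 rows ("dont know logging solution", "dont know partition size") say why each control is still open but not what input would close it; state which value or decision is needed so the rows can be actioned. The rows for RHEL-07-030010, RHEL-07-030300 and RHEL-07-030330 also write the category as "CAT II" while the rest of the table uses "CAT-II"; pick one spelling so the table can be filtered by category.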

55
roles/disa-v2r6/tasks/main.yml

@ -1527,6 +1527,61 @@
- RHEL-07-030201
- RHEL-07-030210
- name: "CAT-II | RHEL-07-030310 | The Red Hat Enterprise Linux operating system must encrypt the transfer of audit records off-loaded onto a different system or media from the system being audited."
block:
- name: "create /etc/audisp/audisp-remote.conf"
file:
dest: /etc/audisp/audisp-remote.conf
state: touch
owner: root
group: root
mode: 0600
- name: "set krb5 status"
lineinfile:
path: /etc/audisp/audisp-remote.conf
regexp: ^enable_krb5 +=
line: enable_krb5 = yes
tags:
- CAT-II
- RHEL-07-030310
- name: "CAT-II | RHEL-07-030320 | The Red Hat Enterprise Linux operating system must be configured so that the audit system takes appropriate action when the audit storage volume is full."
lineinfile:
path: /etc/audisp/audisp-remote.conf
regexp: ^disk_full_action +=
line: "disk_full_action = single"
tags:
- CAT-II
- RHEL-07-030320
- name: "CAT-II | RHEL-07-030321 | The Red Hat Enterprise Linux operating system must be configured so that the audit system takes appropriate action when there is an error sending audit records to a remote system."
lineinfile:
path: /etc/audisp/audisp-remote.conf
regexp: ^network_failure_action +=
line: "network_failure_action = syslog"
tags:
- CAT-II
- RHEL-07-030321
- name: "CAT-II | RHEL-07-030340 | The Red Hat Enterprise Linux operating system must immediately notify the System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) via email when the threshold for the repository maximum audit record storage capacity is reached."
lineinfile:
path: /etc/audit/auditd.conf
regexp: ^space_left_action +=
line: "space_left_action = email"
tags:
- CAT-II
- RHEL-07-030340
- name: "CAT-II| RHEL-07-030350 | The Red Hat Enterprise Linux operating system must immediately notify the System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) when the threshold for the repository maximum audit record storage capacity is reached."
lineinfile:
path: /etc/audit/auditd.conf
regexp: ^action_mail_acct +=
line: "action_mail_acct = root"
tags:
- CAT-II
- RHEL-07-030350
- name: "CAT II | RHEL-07-030360 | The Red Hat Enterprise Linux operating system must audit all executions of privileged functions."
block:
- name: "Create an Audit config file to house all the DISA STIG RULES"
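Review bot: every lineinfile regexp in this hunk (`^enable_krb5 +=`, `^disk_full_action +=`, `^network_failure_action +=`, `^space_left_action +=`, `^action_mail_acct +=`) requires at least one space before the `=`, so an existing line written as `enable_krb5=no` would not match and lineinfile would append a second, conflicting setting instead of replacing it; use ` *=` (or `\s*=`) so both spellings are caught. The RHEL-07-030320 and RHEL-07-030321 tasks edit /etc/audisp/audisp-remote.conf but rely on the `state: touch` task inside the RHEL-07-030310 block to create it, so a run limited to either of their tags fails when the file is absent; add `create: yes` with the same owner, group and mode, or move the file creation out of the block. The `state: touch` task also reports changed on every run, which hides real drift in the play recap. None of the five tasks has a `notify`, so the new auditd.conf and audisp-remote.conf values are written but nothing in these lines reloads the audit daemon to apply them. Minor: the RHEL-07-030350 task name reads `"CAT-II| RHEL-07-030350` without the space before the pipe that the other names have, and `mode: 0600` is safer quoted as `"0600"`.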
