
CIS Red Hat Enterprise Linux 5.0-5.1 Benchmark v1.1.2 Checklist Details

Target:

Target                          CPE Name
Red Hat Enterprise Linux 5      cpe:/o:redhat:enterprise_linux:5
Red Hat Enterprise Linux 5.1    cpe:/o:redhat:enterprise_linux:5.1

Checklist Highlights

Checklist Name:
CIS Red Hat Enterprise Linux 5.0-5.1 Benchmark
Checklist ID:
188
Version:
v1.1.2
Type:
Compliance
Review Status:
Archived
Authority:
Third Party: Center for Internet Security (CIS)
Original Publication Date:
06/17/2009

Checklist Summary:

This document, Security Configuration Benchmark for Red Hat Enterprise Linux 5, provides prescriptive guidance for establishing a secure configuration posture for Red Hat Enterprise Linux versions 5.0 - 5.1 running on x86 platforms.

Checklist Role:

  • Operating System

Known Issues:

Carefully following the steps in the Benchmark results in a system that is substantially more reliable and secure than a default install of the given OS, and that is not vulnerable (or not as vulnerable) to many well-known security holes. At the time of this Benchmark's writing, the Center for Internet Security's consensus-building process had resulted in a solid core of security recommendations. These targeted specific, otherwise vulnerable, portions of the Red Hat Enterprise Linux operating system for hardening. Compliance with the Benchmark means the system administrator has executed a regular backup process (which supports disaster recovery), brought the system up to date with patches (system is current), accomplished the Benchmark recommendations (done the hardening), and continues to actively monitor and manage the system; at that point, you have done the best possible from a CIS security hardening perspective. When accomplishing Benchmark compliance, CIS recommends that a log be kept. This could be a paper trail of notes regarding actions taken and results along the way. A better option would be a terminal window (or windows) with a very large scroll-back history, where all the actions are accomplished and errors are visible.

Target Audience:

This document is intended for Information System Security Officers (ISSOs) and System Administrators (SAs). Additionally, it should be studied and applied by anyone responsible for installing, maintaining and/or configuring servers operating Red Hat Enterprise Linux 5. In the context of this document, an administrative user is defined as someone who creates and manages user accounts and groups, manages controls for how the operating system performs access control, understands how to set account policies and user rights, is familiar with auditing and real audit logs, and can configure other similar system-related functionality.

Target Operational Environment:

  • Managed

Testing Information:

This Benchmark was developed and tested on Red Hat Enterprise Linux (RHEL) version 5.0 and 5.1 (the initial release and first update).

Regulatory Compliance:

Not provided.

Comments/Warnings/Miscellaneous:

The Center for Internet Security (CIS) provides Benchmarks, scoring tools, software, scripts, data, information, recommendations/suggestions, ideas, and other services and materials from the CIS website or elsewhere ("Products") as a public service to Internet users worldwide. Recommendations contained in the Products ("Recommendations") result from a consensus-building process that involves collaboration amongst many security experts and are generally generic in nature. The Recommendations are intended to provide helpful information to organizations attempting to evaluate or improve the security of their networks, systems, and devices. Proper use of the Recommendations requires careful analysis and adaptation to specific user requirements, preferably in a lab environment first. These Recommendations are not in any way intended to be a quick fix for information security needs or requirements.

Disclaimer:

CIS makes no representations, warranties, or covenants whatsoever as to: (i) the positive or negative effect of the Products or the Recommendations on the operation or the security of any particular network, computer system, network device, software, hardware, or any component of any of the foregoing or (ii) the accuracy, reliability, timeliness, or completeness of the Products or the Recommendations. CIS is providing the Products and the Recommendations "as is" and "as available" without representations, warranties, or covenants of any kind.

Product Support:

Not provided.

Point of Contact:

cis-feedback@cisecurity.org

Sponsor:

Not provided.

Licensing:

Not provided.

Change History:

04-01-2008-Version 1.1
05-28-2009-Version 1.1.1
06-17-2009-Version 1.1.2

Dependency/Requirements:

URL                                Description
https://www.redhat.com/security    Red Hat Software Patches and related documentation

NIST checklist record last modified on 05/31/2012