Checklist Summary:

The purpose of the United States Government Configuration Baseline (USGCB) initiative is to create security configuration baselines for Information Technology products widely deployed across the federal agencies. The USGCB evolved from the Federal Desktop Core Configuration mandate. The USGCB is a Federal government-wide initiative that provides guidance to agencies on what should be done to improve and maintain an effective configuration settings focusing primarily on security. This checklist represents the candidate USGCB guidance for Red Hat Enterprise Linux 5 Desktop.

Checklist Role:

• Client Operating System

Known Issues:

Spreadsheet containing known issues can be found at http://usgcb.nist.gov/rhel_content.html, under the Documentation column.

Target Audience:

US Federal Agencies

Target Operational Environment:

• Managed

Testing Information:

Not provided.

Regulatory Compliance:

Not provided.

Comments/Warnings/Miscellaneous:

Not provided.

Disclaimer:

Do not attempt to implement any of the settings without first testing them in a non-operational environment. These recommendations have only been tested on Red Hat Enterprise Linux 5 Desktop v.5 for 32-bit x86 and Red Hat Enterprise Linux 5 Desktop v.5 for 64-bit x86_64. These settings may be applicable to other Red Hat systems; however NIST has not tested other Red Hat based systems with these settings. Please see the National Checklist Program (NCP) website for configuration guides related to other Red Hat based systems. The draft download packages contain recommended security settings; they are not meant to replace well-structured policy or sound judgment. Furthermore, these recommendations do not address site-specific configuration issues. Care must be taken when implementing these settings to address local operational and policy concerns. These recommendations were developed at the National Institute of Standards and Technology, which collaborated with DoD and Red Hat to produce the Red Hat Enterprise Linux Desktop 5 USGCB candidate. Pursuant to title 17 Section 105 of the United States Code, these recommendations are not subject to copyright protection and are in the public domain. NIST assumes no responsibility whatsoever for their use by other parties, and makes no guarantees, expressed or implied, about their quality, reliability, or any other characteristic. We would appreciate acknowledgment if the recommendations are used.

Product Support:

Not provided.

Point of Contact:

usgcb@nist.gov

Sponsor:

Not provided.

Licensing:

Not provided.

Change History:

11-08-11 - 1.0.5.0 Updated
09-30-11 - 1.0.5.0 Released
07-26-11 - 0.0.4.0-Beta-Candidate Released
03-29-11 - 0.0.4.0-Beta-Candidate Released
02-28-11 - 0.0.4.0-Alpha-Candidate Released
Updated Links to CRSC website - 03/30/2018

Dependency/Requirements:

URL	Description
https://csrc.nist.gov/Projects/United-States-Government-Configuration-Baseline	The United States Government Configuration Baseline (USGCB)
https://csrc.nist.gov/Projects/United-States-Government-Configuration-Baseline/faqs	The United States Government Configuration Baseline (USGCB) - FAQ

References:

Reference URL	Description

NIST checklist record last modified on 03/30/2018