CIS Red Hat Enterprise Linux 5.0-5.1 Benchmark v1.1.2 Checklist Details (Checklist Revisions)
NOTE
This is not the current revision of this Checklist; view the current revision.
Supporting Resources:
- Download Prose - Prose guide for checklist entitled Red Hat Enterprise Linux 5 version 1.1
- Center for Internet Security (CIS)
Target:
Target | CPE Name |
---|---|
Red Hat Enterprise Linux 5 | cpe:/o:redhat:enterprise_linux:5 |
Red Hat Enterprise Linux 5.1 | cpe:/o:redhat:enterprise_linux:5.1 |
Checklist Highlights
- Checklist Name: CIS Red Hat Enterprise Linux 5.0-5.1 Benchmark
- Checklist ID: 188
- Version: v1.1.2
- Type: Compliance
- Review Status: Final
- Authority: Third Party: Center for Internet Security (CIS)
- Original Publication Date: 03/31/2008
Checklist Summary:
Red Hat Enterprise Linux version 5 (RHEL5) is the new server-class release from Red Hat, Inc. It stabilizes SELinux, has been Common Criteria evaluated at EAL4+, and brings further stability and robustness to the enterprise level. Security hardening remains a vital element of the defense-in-depth approach for all computing elements within the enterprise.
Checklist Role:
- Operating System
Known Issues:
Carefully following the steps in the Benchmark results in a system that is substantially more reliable and secure than a default install of the given OS, and one that is not vulnerable (or not AS vulnerable) to many well-known security holes. At the time of this Benchmark's writing, the Center for Internet Security's consensus-building process resulted in a solid core of security recommendations. These targeted specific, otherwise vulnerable, portions of the Red Hat Enterprise Linux operating system for hardening. Compliance with the Benchmark means the system administrator has executed a regular backup process (which supports disaster recovery), brought the system up to date with patches (system is current) and accomplished the Benchmark recommendations (done the hardening). If you have done all of this AND continue to actively monitor/manage the system, you've done the best possible from a CIS security hardening perspective. When accomplishing Benchmark compliance, CIS recommends that a log be kept. This could be a paper trail of notes regarding actions taken and results along the way. A better option would be a terminal window (or windows) with a very large scroll-back history, where all the actions are accomplished and errors are visible.
Target Audience:
This document is intended for Information System Security Officer (ISSO) and System Administrator (SA) types of folks. Additionally, it should be studied and applied by anyone responsible for installing, maintaining and/or configuring servers running Red Hat Enterprise Linux 5. In the context of this document, an administrative user is defined as someone who will create and manage user accounts and groups, manage controls for how the operating system performs access control, understands how to set account policies and user rights, is familiar with auditing and real audit logs, and can configure other similar system-related functionality.
Target Operational Environment:
- Managed
Testing Information:
Not provided.
Regulatory Compliance:
Not provided.
Comments/Warnings/Miscellaneous:
The Center for Internet Security (CIS) provides Benchmarks, scoring tools, software, scripts, data, information, recommendations/suggestions, ideas, and other services and materials from the CIS website or elsewhere ("Products") as a public service to Internet users worldwide. Recommendations contained in the Products ("Recommendations") result from a consensus-building process that involves collaboration amongst many security experts and are generally generic in nature. The Recommendations are intended to provide helpful information to organizations attempting to evaluate or improve the security of their networks, systems, and devices. Proper use of the Recommendations requires careful analysis and adaptation to specific user requirements, preferably in a lab environment first. These Recommendations are not in any way intended to be a quick fix for information security needs or requirements.
Disclaimer:
CIS makes no representations, warranties, or covenants whatsoever as to: (i) the positive or negative effect of the Products or the Recommendations on the operation or the security of any particular network, computer system, network device, software, hardware, or any component of any of the foregoing (ii) the accuracy, reliability, timeliness, or completeness of the Products or the Recommendations. CIS is providing the Products and the Recommendations "as is" and "as available" without representations, warranties, or covenants of any kind.
Product Support:
Not provided.
Point of Contact:
cis-feedback@cisecurity.org
Sponsor:
Not provided.
Licensing:
Not provided.
Change History:
- Version 1.0: 2008-01
- Version 1.0.5: 2006-08
- Version 1.0.4: 2005-12-10
- Version 1.0.3: 2005-02-17
- Version 1.0.2: 2005-01-17
- Version 1.0.1: 2005-01-17
- Version 1.1.0: 2003-07-29
Dependency/Requirements:
URL | Description |
---|---|
https://www.redhat.com/security | Red Hat Software Patches and related documentation |
References:
Reference URL | Description |
---|---|