audit_rules_execution_chconRecord Any Attempts to Run chcon
audit_rules_execution_semanageRecord Any Attempts to Run semanage
audit_rules_execution_setseboolRecord Any Attempts to Run setsebool
audit_rules_immutableMake the auditd Configuration Immutable
audit_rules_kernel_module_loadingEnsure auditd Collects Information on Kernel Module Loading and Unloading
audit_rules_kernel_module_loading_deleteEnsure auditd Collects Information on Kernel Module Unloading - delete_module
audit_rules_kernel_module_loading_finitEnsure auditd Collects Information on Kernel Module Loading and Unloading - finit_module
audit_rules_kernel_module_loading_initEnsure auditd Collects Information on Kernel Module Loading - init_module
audit_rules_login_eventsRecord Attempts to Alter Logon and Logout Events
audit_rules_login_events_faillockRecord Attempts to Alter Logon and Logout Events - faillock
audit_rules_login_events_lastlogRecord Attempts to Alter Logon and Logout Events - lastlog
audit_rules_login_events_tallylogRecord Attempts to Alter Logon and Logout Events - tallylog
audit_rules_media_exportEnsure auditd Collects Information on Exporting to Media (successful)
audit_rules_networkconfig_modificationRecord Events that Modify the System's Network Environment
audit_rules_privileged_commandsEnsure auditd Collects Information on the Use of Privileged Commands
audit_rules_privileged_commands_chageEnsure auditd Collects Information on the Use of Privileged Commands - chage
audit_rules_privileged_commands_chshEnsure auditd Collects Information on the Use of Privileged Commands - chsh
audit_rules_privileged_commands_crontabEnsure auditd Collects Information on the Use of Privileged Commands - crontab
audit_rules_privileged_commands_gpasswdEnsure auditd Collects Information on the Use of Privileged Commands - gpasswd
audit_rules_privileged_commands_pam_timestamp_checkEnsure auditd Collects Information on the Use of Privileged Commands - pam_timestamp_check
audit_rules_privileged_commands_passwdEnsure auditd Collects Information on the Use of Privileged Commands - passwd
audit_rules_privileged_commands_postdropEnsure auditd Collects Information on the Use of Privileged Commands - postdrop
audit_rules_privileged_commands_postqueueEnsure auditd Collects Information on the Use of Privileged Commands - postqueue
audit_rules_privileged_commands_ssh_keysignEnsure auditd Collects Information on the Use of Privileged Commands - ssh-keysign
audit_rules_privileged_commands_suEnsure auditd Collects Information on the Use of Privileged Commands - su
audit_rules_privileged_commands_sudoEnsure auditd Collects Information on the Use of Privileged Commands - sudo
audit_rules_privileged_commands_umountEnsure auditd Collects Information on the Use of Privileged Commands - umount
audit_rules_privileged_commands_unix_chkpwdEnsure auditd Collects Information on the Use of Privileged Commands - unix_chkpwd
audit_rules_sysadmin_actionsEnsure auditd Collects System Administrator Actions
audit_rules_time_adjtimexRecord attempts to alter time through adjtimex
audit_rules_time_clock_settimeRecord Attempts to Alter Time Through clock_settime
audit_rules_time_settimeofdayRecord attempts to alter time through settimeofday
audit_rules_time_stimeRecord Attempts to Alter Time Through stime
audit_rules_time_watch_localtimeRecord Attempts to Alter the localtime File
audit_rules_usergroup_modificationRecord Events that Modify User/Group Information
audit_rules_usergroup_modification_groupRecord Events that Modify User/Group Information - /etc/group
audit_rules_usergroup_modification_gshadowRecord Events that Modify User/Group Information - /etc/gshadow
audit_rules_usergroup_modification_opasswdRecord Events that Modify User/Group Information - /etc/security/opasswd
audit_rules_usergroup_modification_passwdRecord Events that Modify User/Group Information - /etc/passwd
audit_rules_usergroup_modification_shadowRecord Events that Modify User/Group Information - /etc/shadow
directory_access_var_log_auditRecord Access Events to Audit Log Directory
service_auditd_enabledEnable auditd Service
audit_rules_dac_modification_chmodRecord Events that Modify the System's Discretionary Access Controls - chmod
audit_rules_dac_modification_chownRecord Events that Modify the System's Discretionary Access Controls - chown
audit_rules_dac_modification_fchmodRecord Events that Modify the System's Discretionary Access Controls - fchmod
audit_rules_dac_modification_fchmodatRecord Events that Modify the System's Discretionary Access Controls - fchmodat
audit_rules_dac_modification_fchownRecord Events that Modify the System's Discretionary Access Controls - fchown
audit_rules_dac_modification_fchownatRecord Events that Modify the System's Discretionary Access Controls - fchownat
audit_rules_dac_modification_fremovexattrRecord Events that Modify the System's Discretionary Access Controls - fremovexattr
audit_rules_dac_modification_fsetxattrRecord Events that Modify the System's Discretionary Access Controls - fsetxattr
audit_rules_dac_modification_lchownRecord Events that Modify the System's Discretionary Access Controls - lchown
audit_rules_dac_modification_lremovexattrRecord Events that Modify the System's Discretionary Access Controls - lremovexattr
audit_rules_dac_modification_lsetxattrRecord Events that Modify the System's Discretionary Access Controls - lsetxattr
audit_rules_dac_modification_removexattrRecord Events that Modify the System's Discretionary Access Controls - removexattr
audit_rules_dac_modification_setxattrRecord Events that Modify the System's Discretionary Access Controls - setxattr
audit_rules_execution_chconRecord Any Attempts to Run chcon
audit_rules_execution_semanageRecord Any Attempts to Run semanage
audit_rules_execution_setseboolRecord Any Attempts to Run setsebool
audit_rules_file_deletion_eventsEnsure auditd Collects File Deletion Events by User
audit_rules_file_deletion_events_renameEnsure auditd Collects File Deletion Events by User - rename
audit_rules_file_deletion_events_renameatEnsure auditd Collects File Deletion Events by User - renameat
audit_rules_file_deletion_events_rmdirEnsure auditd Collects File Deletion Events by User - rmdir
audit_rules_file_deletion_events_unlinkEnsure auditd Collects File Deletion Events by User - unlink
audit_rules_file_deletion_events_unlinkatEnsure auditd Collects File Deletion Events by User - unlinkat
audit_rules_kernel_module_loadingEnsure auditd Collects Information on Kernel Module Loading and Unloading
audit_rules_kernel_module_loading_deleteEnsure auditd Collects Information on Kernel Module Unloading - delete_module
audit_rules_kernel_module_loading_finitEnsure auditd Collects Information on Kernel Module Loading and Unloading - finit_module
audit_rules_kernel_module_loading_initEnsure auditd Collects Information on Kernel Module Loading - init_module
audit_rules_login_eventsRecord Attempts to Alter Logon and Logout Events
audit_rules_login_events_faillockRecord Attempts to Alter Logon and Logout Events - faillock
audit_rules_login_events_lastlogRecord Attempts to Alter Logon and Logout Events - lastlog
audit_rules_login_events_tallylogRecord Attempts to Alter Logon and Logout Events - tallylog
audit_rules_mac_modificationRecord Events that Modify the System's Mandatory Access Controls
audit_rules_media_exportEnsure auditd Collects Information on Exporting to Media (successful)
audit_rules_networkconfig_modificationRecord Events that Modify the System's Network Environment
audit_rules_privileged_commandsEnsure auditd Collects Information on the Use of Privileged Commands
audit_rules_privileged_commands_chageEnsure auditd Collects Information on the Use of Privileged Commands - chage
audit_rules_privileged_commands_chshEnsure auditd Collects Information on the Use of Privileged Commands - chsh
audit_rules_privileged_commands_crontabEnsure auditd Collects Information on the Use of Privileged Commands - crontab
audit_rules_privileged_commands_gpasswdEnsure auditd Collects Information on the Use of Privileged Commands - gpasswd
audit_rules_privileged_commands_pam_timestamp_checkEnsure auditd Collects Information on the Use of Privileged Commands - pam_timestamp_check
audit_rules_privileged_commands_passwdEnsure auditd Collects Information on the Use of Privileged Commands - passwd
audit_rules_privileged_commands_postdropEnsure auditd Collects Information on the Use of Privileged Commands - postdrop
audit_rules_privileged_commands_postqueueEnsure auditd Collects Information on the Use of Privileged Commands - postqueue
audit_rules_privileged_commands_ssh_keysignEnsure auditd Collects Information on the Use of Privileged Commands - ssh-keysign
audit_rules_privileged_commands_suEnsure auditd Collects Information on the Use of Privileged Commands - su
audit_rules_privileged_commands_sudoEnsure auditd Collects Information on the Use of Privileged Commands - sudo
audit_rules_privileged_commands_umountEnsure auditd Collects Information on the Use of Privileged Commands - umount
audit_rules_privileged_commands_unix_chkpwdEnsure auditd Collects Information on the Use of Privileged Commands - unix_chkpwd
audit_rules_session_eventsRecord Attempts to Alter Process and Session Initiation Information
audit_rules_sysadmin_actionsEnsure auditd Collects System Administrator Actions
audit_rules_time_adjtimexRecord attempts to alter time through adjtimex
audit_rules_time_clock_settimeRecord Attempts to Alter Time Through clock_settime
audit_rules_time_settimeofdayRecord attempts to alter time through settimeofday
audit_rules_time_stimeRecord Attempts to Alter Time Through stime
audit_rules_time_watch_localtimeRecord Attempts to Alter the localtime File
audit_rules_unsuccessful_file_modificationEnsure auditd Collects Unauthorized Access Attempts to Files (unsuccessful)
audit_rules_unsuccessful_file_modification_creatRecord Unsuccessful Access Attempts to Files - creat
audit_rules_unsuccessful_file_modification_ftruncateRecord Unsuccessful Access Attempts to Files - ftruncate
audit_rules_unsuccessful_file_modification_openRecord Unsuccessful Access Attempts to Files - open
audit_rules_unsuccessful_file_modification_open_by_handle_atRecord Unsuccessful Access Attempts to Files - open_by_handle_at
audit_rules_unsuccessful_file_modification_openatRecord Unsuccessful Access Attempts to Files - openat
audit_rules_unsuccessful_file_modification_truncateRecord Unsuccessful Access Attempts to Files - truncate
audit_rules_usergroup_modificationRecord Events that Modify User/Group Information
audit_rules_usergroup_modification_groupRecord Events that Modify User/Group Information - /etc/group
audit_rules_usergroup_modification_gshadowRecord Events that Modify User/Group Information - /etc/gshadow
audit_rules_usergroup_modification_opasswdRecord Events that Modify User/Group Information - /etc/security/opasswd
audit_rules_usergroup_modification_passwdRecord Events that Modify User/Group Information - /etc/passwd
audit_rules_usergroup_modification_shadowRecord Events that Modify User/Group Information - /etc/shadow
directory_access_var_log_auditRecord Access Events to Audit Log Directory
service_auditd_enabledEnable auditd Service
audit_rules_dac_modification_chmodRecord Events that Modify the System's Discretionary Access Controls - chmod
audit_rules_dac_modification_chownRecord Events that Modify the System's Discretionary Access Controls - chown
audit_rules_dac_modification_fchmodRecord Events that Modify the System's Discretionary Access Controls - fchmod
audit_rules_dac_modification_fchmodatRecord Events that Modify the System's Discretionary Access Controls - fchmodat
audit_rules_dac_modification_fchownRecord Events that Modify the System's Discretionary Access Controls - fchown
audit_rules_dac_modification_fchownatRecord Events that Modify the System's Discretionary Access Controls - fchownat
audit_rules_dac_modification_fremovexattrRecord Events that Modify the System's Discretionary Access Controls - fremovexattr
audit_rules_dac_modification_fsetxattrRecord Events that Modify the System's Discretionary Access Controls - fsetxattr
audit_rules_dac_modification_lchownRecord Events that Modify the System's Discretionary Access Controls - lchown
audit_rules_dac_modification_lremovexattrRecord Events that Modify the System's Discretionary Access Controls - lremovexattr
audit_rules_dac_modification_lsetxattrRecord Events that Modify the System's Discretionary Access Controls - lsetxattr
audit_rules_dac_modification_removexattrRecord Events that Modify the System's Discretionary Access Controls - removexattr
audit_rules_dac_modification_setxattrRecord Events that Modify the System's Discretionary Access Controls - setxattr
audit_rules_execution_chconRecord Any Attempts to Run chcon
audit_rules_execution_semanageRecord Any Attempts to Run semanage
audit_rules_execution_setseboolRecord Any Attempts to Run setsebool
audit_rules_file_deletion_eventsEnsure auditd Collects File Deletion Events by User
audit_rules_file_deletion_events_renameEnsure auditd Collects File Deletion Events by User - rename
audit_rules_file_deletion_events_renameatEnsure auditd Collects File Deletion Events by User - renameat
audit_rules_file_deletion_events_rmdirEnsure auditd Collects File Deletion Events by User - rmdir
audit_rules_file_deletion_events_unlinkEnsure auditd Collects File Deletion Events by User - unlink
audit_rules_file_deletion_events_unlinkatEnsure auditd Collects File Deletion Events by User - unlinkat
audit_rules_kernel_module_loadingEnsure auditd Collects Information on Kernel Module Loading and Unloading
audit_rules_kernel_module_loading_deleteEnsure auditd Collects Information on Kernel Module Unloading - delete_module
audit_rules_kernel_module_loading_finitEnsure auditd Collects Information on Kernel Module Loading and Unloading - finit_module
audit_rules_kernel_module_loading_initEnsure auditd Collects Information on Kernel Module Loading - init_module
audit_rules_login_eventsRecord Attempts to Alter Logon and Logout Events
audit_rules_login_events_faillockRecord Attempts to Alter Logon and Logout Events - faillock
audit_rules_login_events_lastlogRecord Attempts to Alter Logon and Logout Events - lastlog
audit_rules_login_events_tallylogRecord Attempts to Alter Logon and Logout Events - tallylog
audit_rules_mac_modificationRecord Events that Modify the System's Mandatory Access Controls
audit_rules_media_exportEnsure auditd Collects Information on Exporting to Media (successful)
audit_rules_networkconfig_modificationRecord Events that Modify the System's Network Environment
audit_rules_privileged_commandsEnsure auditd Collects Information on the Use of Privileged Commands
audit_rules_privileged_commands_chageEnsure auditd Collects Information on the Use of Privileged Commands - chage
audit_rules_privileged_commands_chshEnsure auditd Collects Information on the Use of Privileged Commands - chsh
audit_rules_privileged_commands_crontabEnsure auditd Collects Information on the Use of Privileged Commands - crontab
audit_rules_privileged_commands_gpasswdEnsure auditd Collects Information on the Use of Privileged Commands - gpasswd
audit_rules_privileged_commands_pam_timestamp_checkEnsure auditd Collects Information on the Use of Privileged Commands - pam_timestamp_check
audit_rules_privileged_commands_passwdEnsure auditd Collects Information on the Use of Privileged Commands - passwd
audit_rules_privileged_commands_postdropEnsure auditd Collects Information on the Use of Privileged Commands - postdrop
audit_rules_privileged_commands_postqueueEnsure auditd Collects Information on the Use of Privileged Commands - postqueue
audit_rules_privileged_commands_ssh_keysignEnsure auditd Collects Information on the Use of Privileged Commands - ssh-keysign
audit_rules_privileged_commands_suEnsure auditd Collects Information on the Use of Privileged Commands - su
audit_rules_privileged_commands_sudoEnsure auditd Collects Information on the Use of Privileged Commands - sudo
audit_rules_privileged_commands_umountEnsure auditd Collects Information on the Use of Privileged Commands - umount
audit_rules_privileged_commands_unix_chkpwdEnsure auditd Collects Information on the Use of Privileged Commands - unix_chkpwd
audit_rules_session_eventsRecord Attempts to Alter Process and Session Initiation Information
audit_rules_sysadmin_actionsEnsure auditd Collects System Administrator Actions
audit_rules_time_adjtimexRecord attempts to alter time through adjtimex
audit_rules_time_clock_settimeRecord Attempts to Alter Time Through clock_settime
audit_rules_time_settimeofdayRecord attempts to alter time through settimeofday
audit_rules_time_stimeRecord Attempts to Alter Time Through stime
audit_rules_time_watch_localtimeRecord Attempts to Alter the localtime File
audit_rules_unsuccessful_file_modificationEnsure auditd Collects Unauthorized Access Attempts to Files (unsuccessful)
audit_rules_unsuccessful_file_modification_creatRecord Unsuccessful Access Attempts to Files - creat
audit_rules_unsuccessful_file_modification_ftruncateRecord Unsuccessful Access Attempts to Files - ftruncate
audit_rules_unsuccessful_file_modification_openRecord Unsuccessful Access Attempts to Files - open
audit_rules_unsuccessful_file_modification_open_by_handle_atRecord Unsuccessful Access Attempts to Files - open_by_handle_at
audit_rules_unsuccessful_file_modification_openatRecord Unsuccessful Access Attempts to Files - openat
audit_rules_unsuccessful_file_modification_truncateRecord Unsuccessful Access Attempts to Files - truncate
audit_rules_usergroup_modificationRecord Events that Modify User/Group Information
audit_rules_usergroup_modification_groupRecord Events that Modify User/Group Information - /etc/group
audit_rules_usergroup_modification_gshadowRecord Events that Modify User/Group Information - /etc/gshadow
audit_rules_usergroup_modification_opasswdRecord Events that Modify User/Group Information - /etc/security/opasswd
audit_rules_usergroup_modification_passwdRecord Events that Modify User/Group Information - /etc/passwd
audit_rules_usergroup_modification_shadowRecord Events that Modify User/Group Information - /etc/shadow
directory_access_var_log_auditRecord Access Events to Audit Log Directory
service_auditd_enabledEnable auditd Service
account_disable_post_pw_expirationSet Account Expiration Following Inactivity
accounts_logon_fail_delayEnsure the Logon Failure Delay is Set Correctly in login.defs
accounts_max_concurrent_login_sessionsLimit the Number of Concurrent Login Sessions Allowed Per User
accounts_maximum_age_login_defsSet Password Maximum Age
accounts_minimum_age_login_defsSet Password Minimum Age
accounts_password_all_shadowedVerify All Account Password Hashes are Shadowed
accounts_password_minlen_login_defsSet Password Minimum Length in login.defs
accounts_password_pam_dcreditEnsure PAM Enforces Password Requirements - Minimum Digit Characters
accounts_password_pam_difokEnsure PAM Enforces Password Requirements - Minimum Different Characters
accounts_password_pam_lcreditEnsure PAM Enforces Password Requirements - Minimum Lowercase Characters
accounts_password_pam_maxclassrepeatEnsure PAM Enforces Password Requirements - Maximum Consecutive Repeating Characters from Same Character Class
accounts_password_pam_maxrepeatSet Password Maximum Consecutive Repeating Characters
accounts_password_pam_minclassEnsure PAM Enforces Password Requirements - Minimum Different Categories
accounts_password_pam_minlenEnsure PAM Enforces Password Requirements - Minimum Length
accounts_password_pam_ocreditEnsure PAM Enforces Password Requirements - Minimum Special Characters
accounts_password_pam_retryEnsure PAM Enforces Password Requirements - Authentication Retry Prompts Permitted Per-Session
accounts_password_pam_ucreditEnsure PAM Enforces Password Requirements - Minimum Uppercase Characters
accounts_password_set_max_life_existingSet Existing Passwords Maximum Age
accounts_password_set_min_life_existingSet Existing Passwords Minimum Age
accounts_password_warn_age_login_defsSet Password Warning Age
accounts_passwords_pam_faillock_denyLock Accounts After Failed Password Attempts
accounts_passwords_pam_faillock_deny_rootConfigure the root Account for Failed Password Attempts
accounts_root_path_dirs_no_writeEnsure that Root's Path Does Not Include World or Group-Writable Directories
accounts_tmoutSet Interactive Session Timeout
accounts_umask_etc_login_defsEnsure the Default Umask is Set Correctly in login.defs
accounts_umask_etc_profileEnsure the Default Umask is Set Correctly in /etc/profile
aide_build_databaseBuild and Test AIDE Database
aide_periodic_cron_checkingConfigure Periodic Execution of AIDE
aide_scan_notificationConfigure Notification of Post-AIDE Scan Details
audit_rules_dac_modification_chmodRecord Events that Modify the System's Discretionary Access Controls - chmod
audit_rules_dac_modification_chownRecord Events that Modify the System's Discretionary Access Controls - chown
audit_rules_dac_modification_fchmodRecord Events that Modify the System's Discretionary Access Controls - fchmod
audit_rules_dac_modification_fchmodatRecord Events that Modify the System's Discretionary Access Controls - fchmodat
audit_rules_dac_modification_fchownRecord Events that Modify the System's Discretionary Access Controls - fchown
audit_rules_dac_modification_fchownatRecord Events that Modify the System's Discretionary Access Controls - fchownat
audit_rules_dac_modification_fremovexattrRecord Events that Modify the System's Discretionary Access Controls - fremovexattr
audit_rules_dac_modification_fsetxattrRecord Events that Modify the System's Discretionary Access Controls - fsetxattr
audit_rules_dac_modification_lchownRecord Events that Modify the System's Discretionary Access Controls - lchown
audit_rules_dac_modification_lremovexattrRecord Events that Modify the System's Discretionary Access Controls - lremovexattr
audit_rules_dac_modification_lsetxattrRecord Events that Modify the System's Discretionary Access Controls - lsetxattr
audit_rules_dac_modification_removexattrRecord Events that Modify the System's Discretionary Access Controls - removexattr
audit_rules_dac_modification_setxattrRecord Events that Modify the System's Discretionary Access Controls - setxattr
audit_rules_execution_chconRecord Any Attempts to Run chcon
audit_rules_execution_semanageRecord Any Attempts to Run semanage
audit_rules_execution_setseboolRecord Any Attempts to Run setsebool
audit_rules_file_deletion_eventsEnsure auditd Collects File Deletion Events by User
audit_rules_file_deletion_events_renameEnsure auditd Collects File Deletion Events by User - rename
audit_rules_file_deletion_events_renameatEnsure auditd Collects File Deletion Events by User - renameat
audit_rules_file_deletion_events_rmdirEnsure auditd Collects File Deletion Events by User - rmdir
audit_rules_file_deletion_events_unlinkEnsure auditd Collects File Deletion Events by User - unlink
audit_rules_file_deletion_events_unlinkatEnsure auditd Collects File Deletion Events by User - unlinkat
audit_rules_immutableMake the auditd Configuration Immutable
audit_rules_kernel_module_loadingEnsure auditd Collects Information on Kernel Module Loading and Unloading
audit_rules_kernel_module_loading_deleteEnsure auditd Collects Information on Kernel Module Unloading - delete_module
audit_rules_kernel_module_loading_finitEnsure auditd Collects Information on Kernel Module Loading and Unloading - finit_module
audit_rules_kernel_module_loading_initEnsure auditd Collects Information on Kernel Module Loading - init_module
audit_rules_login_eventsRecord Attempts to Alter Logon and Logout Events
audit_rules_login_events_faillockRecord Attempts to Alter Logon and Logout Events - faillock
audit_rules_login_events_lastlogRecord Attempts to Alter Logon and Logout Events - lastlog
audit_rules_login_events_tallylogRecord Attempts to Alter Logon and Logout Events - tallylog
audit_rules_mac_modificationRecord Events that Modify the System's Mandatory Access Controls
audit_rules_media_exportEnsure auditd Collects Information on Exporting to Media (successful)
audit_rules_networkconfig_modificationRecord Events that Modify the System's Network Environment
audit_rules_privileged_commandsEnsure auditd Collects Information on the Use of Privileged Commands
audit_rules_privileged_commands_chageEnsure auditd Collects Information on the Use of Privileged Commands - chage
audit_rules_privileged_commands_chshEnsure auditd Collects Information on the Use of Privileged Commands - chsh
audit_rules_privileged_commands_crontabEnsure auditd Collects Information on the Use of Privileged Commands - crontab
audit_rules_privileged_commands_gpasswdEnsure auditd Collects Information on the Use of Privileged Commands - gpasswd
audit_rules_privileged_commands_pam_timestamp_checkEnsure auditd Collects Information on the Use of Privileged Commands - pam_timestamp_check
audit_rules_privileged_commands_passwdEnsure auditd Collects Information on the Use of Privileged Commands - passwd
audit_rules_privileged_commands_postdropEnsure auditd Collects Information on the Use of Privileged Commands - postdrop
audit_rules_privileged_commands_postqueueEnsure auditd Collects Information on the Use of Privileged Commands - postqueue
audit_rules_privileged_commands_ssh_keysignEnsure auditd Collects Information on the Use of Privileged Commands - ssh-keysign
audit_rules_privileged_commands_suEnsure auditd Collects Information on the Use of Privileged Commands - su
audit_rules_privileged_commands_sudoEnsure auditd Collects Information on the Use of Privileged Commands - sudo
audit_rules_privileged_commands_umountEnsure auditd Collects Information on the Use of Privileged Commands - umount
audit_rules_privileged_commands_unix_chkpwdEnsure auditd Collects Information on the Use of Privileged Commands - unix_chkpwd
audit_rules_session_eventsRecord Attempts to Alter Process and Session Initiation Information
audit_rules_sysadmin_actionsEnsure auditd Collects System Administrator Actions
audit_rules_system_shutdownShutdown System When Auditing Failures Occur
audit_rules_time_adjtimexRecord attempts to alter time through adjtimex
audit_rules_time_clock_settimeRecord Attempts to Alter Time Through clock_settime
audit_rules_time_settimeofdayRecord attempts to alter time through settimeofday
audit_rules_time_stimeRecord Attempts to Alter Time Through stime
audit_rules_time_watch_localtimeRecord Attempts to Alter the localtime File
audit_rules_unsuccessful_file_modificationEnsure auditd Collects Unauthorized Access Attempts to Files (unsuccessful)
audit_rules_unsuccessful_file_modification_creatRecord Unsuccessful Access Attempts to Files - creat
audit_rules_unsuccessful_file_modification_ftruncateRecord Unsuccessful Access Attempts to Files - ftruncate
audit_rules_unsuccessful_file_modification_openRecord Unsuccessful Access Attempts to Files - open
audit_rules_unsuccessful_file_modification_open_by_handle_atRecord Unsuccessful Access Attempts to Files - open_by_handle_at
audit_rules_unsuccessful_file_modification_openatRecord Unsuccessful Access Attempts to Files - openat
audit_rules_unsuccessful_file_modification_truncateRecord Unsuccessful Access Attempts to Files - truncate
audit_rules_usergroup_modificationRecord Events that Modify User/Group Information
audit_rules_usergroup_modification_groupRecord Events that Modify User/Group Information - /etc/group
audit_rules_usergroup_modification_gshadowRecord Events that Modify User/Group Information - /etc/gshadow
audit_rules_usergroup_modification_opasswdRecord Events that Modify User/Group Information - /etc/security/opasswd
audit_rules_usergroup_modification_passwdRecord Events that Modify User/Group Information - /etc/passwd
audit_rules_usergroup_modification_shadowRecord Events that Modify User/Group Information - /etc/shadow
auditd_audispd_disk_full_actionConfigure audispd's Plugin disk_full_action When Disk Is Full
auditd_audispd_encrypt_sent_recordsEncrypt Audit Records Sent With audispd Plugin
auditd_audispd_network_failure_actionConfigure audispd's Plugin network_failure_action On Network Failure
auditd_audispd_syslog_plugin_activatedConfigure auditd to use audispd's syslog plugin
auditd_data_disk_error_actionConfigure auditd Disk Error Action on Disk Error
auditd_data_disk_full_actionConfigure auditd Disk Full Action when Disk Space Is Full
auditd_data_retention_action_mail_acctConfigure auditd mail_acct Action on Low Disk Space
auditd_data_retention_admin_space_left_actionConfigure auditd admin_space_left Action on Low Disk Space
auditd_data_retention_max_log_fileConfigure auditd Max Log File Size
auditd_data_retention_max_log_file_actionConfigure auditd max_log_file_action Upon Reaching Maximum Log Size
auditd_data_retention_num_logsConfigure auditd Number of Logs Retained
auditd_data_retention_space_leftConfigure auditd space_left on Low Disk Space
auditd_data_retention_space_left_actionConfigure auditd space_left Action on Low Disk Space
avahi_disable_publishingDisable Avahi Publishing
chronyd_or_ntpd_set_maxpollConfigure Time Service Maxpoll Interval
chronyd_specify_remote_serverA remote time server for Chrony is configured
configure_firewalld_portsConfigure the Firewalld Ports
configure_firewalld_rate_limitingConfigure firewalld To Rate Limit Connections
dhcp_server_minimize_served_infoMinimize Served Information
dir_perms_world_writable_sticky_bitsVerify that All World-Writable Directories Have Sticky Bits Set
dir_perms_world_writable_system_ownedEnsure All World-Writable Directories Are Owned by a System Account
dir_perms_world_writable_system_owned_groupEnsure All World-Writable Directories Are Group Owned by a System Account
directory_access_var_log_auditRecord Access Events to Audit Log Directory
directory_permissions_var_log_auditSystem Audit Logs Must Have Mode 0750 or Less Permissive
disable_ctrlaltdel_rebootDisable Ctrl-Alt-Del Reboot Activation
disable_host_authDisable Host-Based Authentication
disable_prelinkDisable Prelinking
display_login_attemptsEnsure PAM Displays Last Logon/Access Notification
ensure_gpgcheck_local_packagesEnsure gpgcheck Enabled for Local Packages
ensure_logrotate_activatedEnsure Logrotate Runs Periodically
etc_system_fips_existsEnsure '/etc/system-fips' exists
file_groupowner_cron_allowVerify Group Who Owns /etc/cron.allow file
file_groupowner_etc_groupVerify Group Who Owns group File
file_groupowner_etc_gshadowVerify Group Who Owns gshadow File
file_groupowner_etc_passwdVerify Group Who Owns passwd File
file_groupowner_etc_shadowVerify Group Who Owns shadow File
file_owner_cron_allowVerify User Who Owns /etc/cron.allow file
file_owner_etc_groupVerify User Who Owns group File
file_owner_etc_gshadowVerify User Who Owns gshadow File
file_owner_etc_passwdVerify User Who Owns passwd File
file_owner_etc_shadowVerify User Who Owns shadow File
file_ownership_binary_dirsVerify that System Executables Have Root Ownership
file_ownership_library_dirsVerify that Shared Library Files Have Root Ownership
file_ownership_var_log_auditSystem Audit Logs Must Be Owned By Root
file_permissions_binary_dirsVerify that System Executables Have Restrictive Permissions
file_permissions_etc_groupVerify Permissions on group File
file_permissions_etc_gshadowVerify Permissions on gshadow File
file_permissions_etc_passwdVerify Permissions on passwd File
file_permissions_etc_shadowVerify Permissions on shadow File
file_permissions_home_dirsEnsure that User Home Directories are not Group-Writable or World-Readable
file_permissions_library_dirsVerify that Shared Library Files Have Restrictive Permissions
file_permissions_sshd_private_keyVerify Permissions on SSH Server Private *_key Key Files
file_permissions_sshd_pub_keyVerify Permissions on SSH Server Public *.pub Key Files
file_permissions_unauthorized_sgidEnsure All SGID Executables Are Authorized
file_permissions_unauthorized_suidEnsure All SUID Executables Are Authorized
file_permissions_unauthorized_world_writableEnsure No World-Writable Files Exist
file_permissions_ungroupownedEnsure All Files Are Owned by a Group
gid_passwd_group_sameAll GIDs referenced in /etc/passwd must be defined in /etc/group
grub2_admin_usernameSet the Boot Loader Admin Username to a Non-Default Value
grub2_enable_fips_modeEnable FIPS Mode in GRUB2
grub2_passwordSet Boot Loader Password in grub2
grub2_uefi_admin_usernameSet the UEFI Boot Loader Admin Username to a Non-Default Value
grub2_uefi_passwordSet the UEFI Boot Loader Password
harden_ssh_client_crypto_policyHarden SSH client Crypto Policy
installed_OS_is_FIPS_certifiedThe Installed Operating System Is FIPS 140-2 Certified
installed_OS_is_vendor_supportedThe Installed Operating System Is Vendor Supported
kernel_module_dccp_disabledDisable DCCP Support
kernel_module_ipv6_option_disabledDisable IPv6 Networking Support Automatic Loading
kernel_module_rds_disabledDisable RDS Support
kernel_module_tipc_disabledDisable TIPC Support
kernel_module_usb-storage_disabledDisable Modprobe Loading of USB Storage Driver
mount_option_dev_shm_nodevAdd nodev Option to /dev/shm
mount_option_dev_shm_nosuidAdd nosuid Option to /dev/shm
mount_option_home_nosuidAdd nosuid Option to /home
mount_option_krb_sec_remote_filesystemsMount Remote Filesystems with Kerberos Security
mount_option_noexec_remote_filesystemsMount Remote Filesystems with noexec
mount_option_nosuid_removable_partitionsAdd nosuid Option to Removable Media Partitions
network_configure_name_resolutionConfigure Multiple DNS Servers in /etc/resolv.conf
network_sniffer_disabledEnsure System is Not Acting as a Network Sniffer
no_direct_root_loginsDirect root Logins Not Allowed
no_empty_passwordsPrevent Login to Accounts With Empty Password
no_files_unowned_by_userEnsure All Files Are Owned by a User
no_netrc_filesVerify No netrc Files Exist
no_password_auth_for_systemaccountsEnsure that System Accounts Are Locked
no_rsh_trust_filesRemove Rsh Trust Files
ntpd_specify_multiple_serversSpecify Additional Remote NTP Servers
ntpd_specify_remote_serverSpecify a Remote NTP Server
package_MFEhiplsm_installedInstall the Host Intrusion Prevention System (HIPS) Module
package_aide_installedInstall AIDE
package_audit_installedEnsure the audit Subsystem is Installed
package_cron_installedInstall the cron service
package_dracut-fips-aesni_installedInstall the dracut-fips-aesni Package
package_dracut-fips_installedInstall the dracut-fips Package
package_inetutils-telnetd_removedUninstall the inet-based telnet server
package_ntp_installedInstall the ntp service
package_openssh-server_installedInstall the OpenSSH Server Package
package_rsh-server_removedUninstall rsh-server Package
package_rsyslog_installedEnsure rsyslog is Installed
package_screen_installedInstall the screen Package
package_syslogng_installedEnsure syslog-ng is Installed
package_telnet-server_removedUninstall telnet-server Package
package_telnetd-ssl_removedUninstall the ssl compliant telnet server
package_telnetd_removedUninstall the telnet server
package_tftp-server_removedUninstall tftp-server Package
package_vsftpd_removedUninstall vsftpd Package
package_ypserv_removedUninstall ypserv Package
partition_for_homeEnsure /home Located On Separate Partition
partition_for_tmpEnsure /tmp Located On Separate Partition
partition_for_varEnsure /var Located On Separate Partition
partition_for_var_logEnsure /var/log Located On Separate Partition
partition_for_var_log_auditEnsure /var/log/audit Located On Separate Partition
postfix_client_configure_mail_aliasConfigure System to Forward All Mail For The Root Account
require_singleuser_authRequire Authentication for Single User Mode
restrict_serial_port_loginsRestrict Serial Port Root Logins
root_path_no_dotEnsure that Root's Path Does Not Include Relative Paths or Null Directories
rpm_verify_permissionsVerify and Correct File Permissions with RPM
rsyslog_accept_remote_messages_tcpEnable rsyslog to Accept Messages via TCP, if Acting As Log Server
rsyslog_accept_remote_messages_udpEnable rsyslog to Accept Messages via UDP, if Acting As Log Server
rsyslog_cron_loggingEnsure cron Is Logging To Rsyslog
rsyslog_files_groupownershipEnsure Log Files Are Owned By Appropriate Group
rsyslog_files_ownershipEnsure Log Files Are Owned By Appropriate User
rsyslog_files_permissionsEnsure System Log Files Have Correct Permissions
rsyslog_nolistenEnsure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server
rsyslog_remote_loghostEnsure Logs Sent To Remote Host
securetty_root_login_console_onlyRestrict Virtual Console Root Logins
selinux_all_devicefiles_labeledEnsure No Device Files are Unlabeled by SELinux
service_auditd_enabledEnable auditd Service
service_autofs_disabledDisable the Automounter
service_cron_enabledEnable cron Service
service_firewalld_enabledVerify firewalld Enabled
service_ip6tables_enabledVerify ip6tables Enabled if Using IPv6
service_iptables_enabledVerify iptables Enabled
service_kdump_disabledDisable KDump Kernel Crash Analyzer (kdump)
service_ntp_enabledEnable the NTP Daemon
service_ntpd_enabledEnable the NTP Daemon
service_rsyslog_enabledEnable rsyslog Service
service_sshd_enabledEnable the OpenSSH Service
service_syslogng_enabledEnable syslog-ng Service
set_ip6tables_default_ruleSet Default ip6tables Policy for Incoming Packets
set_iptables_default_ruleSet Default iptables Policy for Incoming Packets
set_iptables_default_rule_forwardSet Default iptables Policy for Forwarded Packets
set_password_hashing_algorithm_libuserconfSet Password Hashing Algorithm in /etc/libuser.conf
set_password_hashing_algorithm_logindefsSet Password Hashing Algorithm in /etc/login.defs
set_password_hashing_algorithm_systemauthSet PAM's Password Hashing Algorithm
sshd_allow_only_protocol2Allow Only SSH Protocol 2
sshd_disable_compressionDisable Compression Or Set Compression to delayed
sshd_disable_empty_passwordsDisable SSH Access via Empty Passwords
sshd_disable_gssapi_authDisable GSSAPI Authentication
sshd_disable_kerb_authDisable Kerberos Authentication
sshd_disable_rhostsDisable SSH Support for .rhosts Files
sshd_disable_rhosts_rsaDisable SSH Support for Rhosts RSA Authentication
sshd_disable_root_loginDisable SSH Root Login
sshd_disable_user_known_hostsDisable SSH Support for User Known Hosts
sshd_do_not_permit_user_envDo Not Allow SSH Environment Options
sshd_enable_strictmodesEnable Use of Strict Mode Checking
sshd_enable_warning_bannerEnable SSH Warning Banner
sshd_enable_warning_banner_netEnable SSH Warning Banner
sshd_enable_x11_forwardingEnable Encrypted X11 Forwarding
sshd_limit_user_accessLimit Users' SSH Access
sshd_print_last_logEnable SSH Print Last Log
sshd_set_idle_timeoutSet SSH Idle Timeout Interval
sshd_set_keepaliveSet SSH Client Alive Count Max
sshd_set_keepalive_0Set SSH Client Alive Count Max to zero
sshd_set_loglevel_infoSet LogLevel to INFO
sshd_set_loglevel_verboseSet SSH Daemon LogLevel to VERBOSE
sshd_use_approved_ciphersUse Only FIPS 140-2 Validated Ciphers
sshd_use_approved_macsUse Only FIPS 140-2 Validated MACs
sshd_use_priv_separationEnable Use of Privilege Separation
sssd_ldap_configure_tls_caConfigure SSSD LDAP Backend Client CA Certificate
sssd_ldap_configure_tls_ca_dirConfigure SSSD LDAP Backend Client CA Certificate Location
sssd_ldap_configure_tls_reqcertConfigure SSSD LDAP Backend Client to Demand a Valid Certificate from the Server
sssd_ldap_start_tlsConfigure SSSD LDAP Backend to Use TLS For All Transactions
sudo_remove_no_authenticateEnsure Users Re-Authenticate for Privilege Escalation - sudo !authenticate
sudo_remove_nopasswdEnsure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD
sudo_require_authenticationEnsure Users Re-Authenticate for Privilege Escalation - sudo
sysctl_fs_protected_hardlinksEnable Kernel Parameter to Enforce DAC on Hardlinks
sysctl_fs_protected_symlinksEnable Kernel Parameter to Enforce DAC on Symlinks
sysctl_kernel_kptr_restrictRestrict Exposed Kernel Pointer Addresses Access
sysctl_kernel_randomize_va_spaceEnable Randomized Layout of Virtual Address Space
sysctl_net_ipv4_conf_all_accept_redirectsDisable Accepting ICMP Redirects for All IPv4 Interfaces
sysctl_net_ipv4_conf_all_accept_source_routeDisable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces
sysctl_net_ipv4_conf_all_send_redirectsDisable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces
sysctl_net_ipv4_conf_default_send_redirectsDisable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default
sysctl_net_ipv4_ip_forwardDisable Kernel Parameter for IP Forwarding on IPv4 Interfaces
sysctl_net_ipv6_conf_all_accept_source_routeDisable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces
sysctl_net_ipv6_conf_all_disable_ipv6Disable IPv6 Addressing on All IPv6 Interfaces
sysctl_net_ipv6_conf_default_disable_ipv6Disable IPv6 Addressing on IPv6 Interfaces by Default
avahi_disable_publishingDisable Avahi Publishing
dhcp_server_minimize_served_infoMinimize Served Information
disable_host_authDisable Host-Based Authentication
firewalld_sshd_port_enabledEnable SSH Server firewalld Firewall Exception
kernel_module_dccp_disabledDisable DCCP Support
kernel_module_ipv6_option_disabledDisable IPv6 Networking Support Automatic Loading
kernel_module_rds_disabledDisable RDS Support
kernel_module_tipc_disabledDisable TIPC Support
kernel_module_usb-storage_disabledDisable Modprobe Loading of USB Storage Driver
mount_option_dev_shm_nodevAdd nodev Option to /dev/shm
mount_option_dev_shm_nosuidAdd nosuid Option to /dev/shm
mount_option_home_nosuidAdd nosuid Option to /home
mount_option_krb_sec_remote_filesystemsMount Remote Filesystems with Kerberos Security
mount_option_nosuid_removable_partitionsAdd nosuid Option to Removable Media Partitions
network_sniffer_disabledEnsure System is Not Acting as a Network Sniffer
no_rsh_trust_filesRemove Rsh Trust Files
package_inetutils-telnetd_removedUninstall the inet-based telnet server
package_rsh-server_removedUninstall rsh-server Package
package_telnet-server_removedUninstall telnet-server Package
package_telnetd-ssl_removedUninstall the ssl compliant telnet server
package_telnetd_removedUninstall the telnet server
package_tftp-server_removedUninstall tftp-server Package
package_vsftpd_removedUninstall vsftpd Package
package_ypserv_removedUninstall ypserv Package
rsyslog_nolistenEnsure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server
selinux_all_devicefiles_labeledEnsure No Device Files are Unlabeled by SELinux
service_autofs_disabledDisable the Automounter
service_kdump_disabledDisable KDump Kernel Crash Analyzer (kdump)
sshd_disable_compressionDisable Compression Or Set Compression to delayed
sshd_disable_empty_passwordsDisable SSH Access via Empty Passwords
sshd_disable_gssapi_authDisable GSSAPI Authentication
sshd_disable_kerb_authDisable Kerberos Authentication
sshd_disable_rhostsDisable SSH Support for .rhosts Files
sshd_disable_rhosts_rsaDisable SSH Support for Rhosts RSA Authentication
sshd_disable_root_loginDisable SSH Root Login
sshd_disable_user_known_hostsDisable SSH Support for User Known Hosts
sshd_do_not_permit_user_envDo Not Allow SSH Environment Options
sssd_ldap_start_tlsConfigure SSSD LDAP Backend to Use TLS For All Transactions
sysctl_net_ipv4_conf_all_accept_redirectsDisable Accepting ICMP Redirects for All IPv4 Interfaces
sysctl_net_ipv4_conf_all_accept_source_routeDisable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces
sysctl_net_ipv4_conf_all_send_redirectsDisable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces
sysctl_net_ipv4_conf_default_accept_source_routeDisable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default
sysctl_net_ipv4_conf_default_send_redirectsDisable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default
sysctl_net_ipv4_icmp_echo_ignore_broadcastsEnable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces
sysctl_net_ipv4_ip_forwardDisable Kernel Parameter for IP Forwarding on IPv4 Interfaces
sysctl_net_ipv6_conf_all_accept_source_routeDisable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces
sysctl_net_ipv6_conf_all_disable_ipv6Disable IPv6 Addressing on All IPv6 Interfaces
sysctl_net_ipv6_conf_default_disable_ipv6Disable IPv6 Addressing on IPv6 Interfaces by Default
tftpd_uses_secure_modeEnsure tftp Daemon Uses Secure Mode
avahi_disable_publishingDisable Avahi Publishing
configure_firewalld_portsConfigure the Firewalld Ports
dhcp_server_minimize_served_infoMinimize Served Information
disable_host_authDisable Host-Based Authentication
firewalld_sshd_port_enabledEnable SSH Server firewalld Firewall Exception
kernel_module_dccp_disabledDisable DCCP Support
kernel_module_ipv6_option_disabledDisable IPv6 Networking Support Automatic Loading
kernel_module_rds_disabledDisable RDS Support
kernel_module_tipc_disabledDisable TIPC Support
kernel_module_usb-storage_disabledDisable Modprobe Loading of USB Storage Driver
mount_option_dev_shm_nodevAdd nodev Option to /dev/shm
mount_option_dev_shm_nosuidAdd nosuid Option to /dev/shm
mount_option_home_nosuidAdd nosuid Option to /home
mount_option_krb_sec_remote_filesystemsMount Remote Filesystems with Kerberos Security
mount_option_nosuid_removable_partitionsAdd nosuid Option to Removable Media Partitions
network_sniffer_disabledEnsure System is Not Acting as a Network Sniffer
no_rsh_trust_filesRemove Rsh Trust Files
package_inetutils-telnetd_removedUninstall the inet-based telnet server
package_rsh-server_removedUninstall rsh-server Package
package_telnet-server_removedUninstall telnet-server Package
package_telnetd-ssl_removedUninstall the ssl compliant telnet server
package_telnetd_removedUninstall the telnet server
package_tftp-server_removedUninstall tftp-server Package
package_vsftpd_removedUninstall vsftpd Package
package_ypserv_removedUninstall ypserv Package
rsyslog_nolistenEnsure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server
selinux_all_devicefiles_labeledEnsure No Device Files are Unlabeled by SELinux
service_autofs_disabledDisable the Automounter
service_firewalld_enabledVerify firewalld Enabled
service_ip6tables_enabledVerify ip6tables Enabled if Using IPv6
service_iptables_enabledVerify iptables Enabled
service_kdump_disabledDisable KDump Kernel Crash Analyzer (kdump)
set_ip6tables_default_ruleSet Default ip6tables Policy for Incoming Packets
set_iptables_default_ruleSet Default iptables Policy for Incoming Packets
set_iptables_default_rule_forwardSet Default iptables Policy for Forwarded Packets
sshd_disable_compressionDisable Compression Or Set Compression to delayed
sshd_disable_empty_passwordsDisable SSH Access via Empty Passwords
sshd_disable_gssapi_authDisable GSSAPI Authentication
sshd_disable_kerb_authDisable Kerberos Authentication
sshd_disable_rhostsDisable SSH Support for .rhosts Files
sshd_disable_rhosts_rsaDisable SSH Support for Rhosts RSA Authentication
sshd_disable_root_loginDisable SSH Root Login
sshd_disable_user_known_hostsDisable SSH Support for User Known Hosts
sshd_do_not_permit_user_envDo Not Allow SSH Environment Options
sssd_ldap_start_tlsConfigure SSSD LDAP Backend to Use TLS For All Transactions
sysctl_net_ipv4_conf_all_accept_redirectsDisable Accepting ICMP Redirects for All IPv4 Interfaces
sysctl_net_ipv4_conf_all_accept_source_routeDisable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces
sysctl_net_ipv4_conf_all_send_redirectsDisable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces
sysctl_net_ipv4_conf_default_accept_source_routeDisable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default
sysctl_net_ipv4_conf_default_send_redirectsDisable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default
sysctl_net_ipv4_icmp_echo_ignore_broadcastsEnable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces
sysctl_net_ipv4_ip_forwardDisable Kernel Parameter for IP Forwarding on IPv4 Interfaces
sysctl_net_ipv6_conf_all_accept_source_routeDisable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces
sysctl_net_ipv6_conf_all_disable_ipv6Disable IPv6 Addressing on All IPv6 Interfaces
sysctl_net_ipv6_conf_default_disable_ipv6Disable IPv6 Addressing on IPv6 Interfaces by Default