U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

United States Government Configuration Baseline USGCB

Red Hat Enterprise Linux 5 Desktop Content

Warning Notice

Do not attempt to implement any of the settings without first testing them in a non-operational environment. These recommendations have only been tested on Red Hat Enterprise Linux Desktop (v. 5 for 32-bit x86) and Red Hat Enterprise Linux Desktop (v. 5 for 64-bit x86_64). These settings may be applicable to other Red Hat systems; however NIST has not tested other Red Hat based systems with these settings. Please see the National Checklist Program (NCP) website for configuration guides related to other Red Hat based systems.

The draft download packages contain recommended security settings; they are not meant to replace well-structured policy or sound judgment. Furthermore, these recommendations do not address site-specific configuration issues. Care must be taken when implementing these settings to address local operational and policy concerns.

These recommendations were developed at the National Institute of Standards and Technology, which collaborated with DoD and Red Hat to produce the Red Hat Enterprise Linux Desktop 5 USGCB candidate. Pursuant to title 17 Section 105 of the United States Code, these recommendations are not subject to copyright protection and are in the public domain. NIST assumes no responsibility whatsoever for their use by other parties, and makes no guarantees, expressed or implied, about their quality, reliability, or any other characteristic. We would appreciate acknowledgement if the recommendations are used.

Download Packages

The following sections provide the downloads for the RHEL 5 USGCB Content.

SCAP Content

USGCB 1.2.5.0 SCAP 1.1 Content (Change Log)
SHA-256: b03958f178c78482c2f414f0707cc71ea1e280ca628e8b0321fafc500177eb96
Size (MB): 0.11
Last Modified: 01/17/2014

Documentation

USGCB 1.2.5.0 Settings

Please refer to the top-level Red Hat Content Page for the listing of all USGCB settings and associated hash values.

USGCB 1.2.5.0 Known Issues

Please refer to the top-level Red Hat Content Page for the listing of all known issues relating to USGCB content and associated hash values.

Configuration Support

Kickstart
SHA-256: 5444d628a8be31958ef7a75addf9367f1d87fec629468fc95a49064f57b8d236
Size (MB): 0.02
Last Modified: 12/06/2013

Puppet Modules (Change Log)
SHA-256: abe10b94c4c1d0d2f91a85380abea54d25ea549a218699f33c9c009bfe076479
Size (MB): 0.03
Last Modified: 07/26/2011

CCE to 800-53 Mappings

Machine-readable CCE to 800-53 Mappings

Update History

Date Documentation Configuration Support SCAP Content CCE to 800-53 Mappings
January 17, 2014 No changes No changes 1.2.5.0 USGCB OVAL 5.8 content posted. No changes
December 17, 2013 No changes No changes 1.1.5.0 USGCB OVAL 5.8 content posted. No changes
November 08, 2011 No changes No changes 1.0.5.0 USGCB OVAL 5.8 content posted. No changes
October 04, 2011 No changes No changes No changes National Checklist Program's Machine-readable CCE to 800-53 Mappings linked
September 30, 2011 1.0.5.0 Settings and Known Issues released 1.0.5.0 Kickstart configuration released 1.0.5.0 USGCB OVAL 5.8 content released. No changes
July 26, 2011 No changes Beta-Candidate Puppet Modules updated No changes No changes
March 31, 2011 No changes Beta-Candidate Kickstart configuration released No changes No changes
March 29, 2011 Beta-Candidate Settings and Known Issues released Beta-Candidate Puppet Modules released Beta-Candidate USGCB OVAL 5.8 content released. No changes
February 28, 2011 Alpha-Candidate Settings and Known Issues released Alpha-Candidate Kickstart configuration and Puppet Modules released Alpha-Candidate USGCB OVAL 5.4 content released. Future releases will use OVAL 5.8 constructs. Patch content is produced and hosted by Red Hat. No changes
Created December 14, 2016, Updated June 22, 2020