OVAL Results Generator Information
Schema Version Product Name Product Version Date Time
5.8  cpe:/a:open-scap:oscap    2013-02-05 13:44:58 
OVAL Definition Generator Information
Schema Version Product Name Product Version Date Time
5.8  vim    2011-03-06 12:00:00 

System Information
Host Name rhel-6-openscap 
Operating System Linux 
Operating System Version #1 SMP Sat Nov 24 14:35:28 EST 2012 
Architecture x86_64 
Interfaces
Interface Name lo 
IP Address 127.0.0.1 
MAC Address 00:00:00:00:00:00 
Interface Name eth0 
IP Address 192.168.122.62 
MAC Address 52:54:00:AA:D2:17 
Interface Name lo 
IP Address ::1 
MAC Address 00:00:00:00:00:00 
Interface Name eth0 
IP Address fe80::5054:ff:feaa:d217 
MAC Address 52:54:00:AA:D2:17 
OVAL System Characteristics Generator Information
Schema Version Product Name Product Version Date Time
5.8  cpe:/a:open-scap:oscap    2013-02-05 13:44:58 
Oval Definition Results
   
     True  
   
     False  
   
     Error  
   
     Unknown  
   
     Not Applicable  
   
     Not Evaluated  
OVAL ID Result Class Reference ID Title
oval:org.open-scap.rhel6:def:1127 true compliance CCE-4292-9     Enable the auditd Service 
oval:org.open-scap.rhel6:def:1126 true compliance CCE-4182-2     Ensure All Logs are Rotated by logrotate 
oval:org.open-scap.rhel6:def:1122 true compliance CCE-18240-2     Confirm Existence and Permissions of System Log Files  
oval:org.open-scap.rhel6:def:1121 true compliance CCE-4366-1     Confirm Existence and Permissions of System Log Files  
oval:org.open-scap.rhel6:def:1120 true compliance TBD     Configure Rsyslog 
oval:org.open-scap.rhel6:def:1112 true compliance CCE-4189-7     Inspect and Activate Default Rules  
oval:org.open-scap.rhel6:def:1111 true compliance CCE-4167-3     Verify ip6tables is enabled 
oval:org.open-scap.rhel6:def:1109 true compliance CCE-4287-9     Limit Network-Transmitted Configuration 
oval:org.open-scap.rhel6:def:1108 true compliance CCE-3895-0     Limit Network-Transmitted Configuration 
oval:org.open-scap.rhel6:def:1107 true compliance CCE-4287-9     Limit Network-Transmitted Configuration 
oval:org.open-scap.rhel6:def:1106 true compliance CCE-4128-5     Limit Network-Transmitted Configuration 
oval:org.open-scap.rhel6:def:1105 true compliance CCE-4058-4     Limit Network-Transmitted Configuration 
oval:org.open-scap.rhel6:def:1104 true compliance CCE-4221-8     Limit Network-Transmitted Configuration 
oval:org.open-scap.rhel6:def:1103 true compliance CCE-4159-0     Limit Network-Transmitted Configuration 
oval:org.open-scap.rhel6:def:1099 true compliance CCE-3840-6     Network Parameters for Hosts and Routers 
oval:org.open-scap.rhel6:def:1097 true compliance CCE-4265-5     Network Parameters for Hosts and Routers 
oval:org.open-scap.rhel6:def:1096 true compliance CCE-4133-5     Network Parameters for Hosts and Routers 
oval:org.open-scap.rhel6:def:1095 true compliance CCE-3644-2     Network Parameters for Hosts and Routers 
oval:org.open-scap.rhel6:def:1094 true compliance CCE-4320-8     Network Parameters for Hosts and Routers 
oval:org.open-scap.rhel6:def:1093 true compliance CCE-3339-9     Network Parameters for Hosts and Routers 
oval:org.open-scap.rhel6:def:1092 true compliance CCE-4186-3     Network Parameters for Hosts and Routers 
oval:org.open-scap.rhel6:def:1091 true compliance CCE-4091-5     Network Parameters for Hosts and Routers 
oval:org.open-scap.rhel6:def:1090 true compliance CCE-4320-8     Network Parameters for Hosts and Routers 
oval:org.open-scap.rhel6:def:1089 true compliance CCE-3472-8     Network Parameters for Hosts and Routers 
oval:org.open-scap.rhel6:def:1087 true compliance CCE-4236-6     Network Parameters for Hosts and Routers 
oval:org.open-scap.rhel6:def:1083 true compliance CCE-3668-1     Disable MCS Translation Service (mcstrans) if Possible 
oval:org.open-scap.rhel6:def:1081 true compliance CCE-3624-4     Set SELinux Polixy 
oval:org.open-scap.rhel6:def:1080 true compliance CCE-3999-0     Enable SELinux state 
oval:org.open-scap.rhel6:def:1079 true compliance CCE-3977-6     Enable SELinux 
oval:org.open-scap.rhel6:def:1066 true compliance CCE-3923-0     Set Boot Configuration Permissions 
oval:org.open-scap.rhel6:def:1065 true compliance CCE-4197-0     Set Boot Configuration Group 
oval:org.open-scap.rhel6:def:1064 true compliance CCE-4144-2     Set Boot Loader Configuration Owner 
oval:org.open-scap.rhel6:def:1063 true compliance TBD     Ensure that Users Don't have .netrc files 
oval:org.open-scap.rhel6:def:1061 true compliance CCE-14107-7     Ensure that Users Have Sensible Umask Values in /etc/login.defs 
oval:org.open-scap.rhel6:def:1060 true compliance CCE-4227-5     Ensure that Users Have Sensible Umask Values set for csh 
oval:org.open-scap.rhel6:def:1059 true compliance     Ensure that Users Have Sensible Umask Values set for bash 
oval:org.open-scap.rhel6:def:1056 true compliance CCE-14957-5     Write permissions are disabled for group and other in all directories in Root's Path 
oval:org.open-scap.rhel6:def:1055 true compliance CCE-3301-9     Ensure that No Dangerous Directories Exist in Root's Path 
oval:org.open-scap.rhel6:def:1045 true compliance CCE-15054-0     Set Password retry Requirements 
oval:org.open-scap.rhel6:def:1044 true compliance CCE-4097-2     Set Password Expiration Parameters 
oval:org.open-scap.rhel6:def:1043 true compliance CCE-4092-3     Set Password Expiration Parameters 
oval:org.open-scap.rhel6:def:1042 true compliance CCE-4180-6     Set Password Expiration Parameters 
oval:org.open-scap.rhel6:def:1041 true compliance CCE-4009-7     Verify that No Non-Root Accounts Have UID 0 
oval:org.open-scap.rhel6:def:1040 true compliance CCE-14300-8     Verify that All Account Password Hashes are Shadowed 
oval:org.open-scap.rhel6:def:1039 true compliance CCE-4238-2     Verify that No Accounts Have Empty Password Fields 
oval:org.open-scap.rhel6:def:1036 true compliance CCE-14088-9     Limit su Access to the wheel group 
oval:org.open-scap.rhel6:def:1033 true compliance CCE-4146-7     Enable ExecShield randomized placement of virtual memory regions 
oval:org.open-scap.rhel6:def:1032 true compliance CCE-4168-1     Enable ExecShield 
oval:org.open-scap.rhel6:def:1031 true compliance CCE-4247-3     Disable Core Dumps for setuid programs 
oval:org.open-scap.rhel6:def:1029 true compliance CCE-4220-0     Set Daemon umask 
oval:org.open-scap.rhel6:def:1028 true compliance CCE-14794-2     Find world writable directories not owned by a system account 
oval:org.open-scap.rhel6:def:1027 true compliance CCE-3573-3     Find files unowned by a group 
oval:org.open-scap.rhel6:def:1026 true compliance CCE-4223-4     Find files unowned by a user 
oval:org.open-scap.rhel6:def:1024 true compliance CCE-4178-0     Find Unauthorized SGID System Executables 
oval:org.open-scap.rhel6:def:1021 true compliance CCE-3566-7     Verify permissions on 'passwd' file 
oval:org.open-scap.rhel6:def:1020 true compliance CCE-3932-1     Verify permissions on 'gshadow' file 
oval:org.open-scap.rhel6:def:1019 true compliance CCE-3967-7     Verify permissions on 'group' file 
oval:org.open-scap.rhel6:def:1018 true compliance CCE-4130-1     Verify permissions on 'shadow' file 
oval:org.open-scap.rhel6:def:1017 true compliance CCE-3495-9     Verify group who owns 'passwd' file 
oval:org.open-scap.rhel6:def:1016 true compliance CCE-3958-6     Verify user who owns 'passwd' file 
oval:org.open-scap.rhel6:def:1015 true compliance CCE-4064-2     Verify group who owns 'gshadow' file 
oval:org.open-scap.rhel6:def:1014 true compliance CCE-4210-1     Verify user who owns 'gshadow' file 
oval:org.open-scap.rhel6:def:1013 true compliance CCE-3883-6     Verify group who owns 'group' file 
oval:org.open-scap.rhel6:def:1012 true compliance CCE-3276-3     Verify user who owns 'group' file 
oval:org.open-scap.rhel6:def:1011 true compliance CCE-3988-3     Verify group who owns 'shadow' file 
oval:org.open-scap.rhel6:def:1010 true compliance CCE-3918-0     Verify user who owns 'shadow' file 
oval:org.open-scap.rhel6:def:1007 true compliance TBD     Ensure gpgcheck is Globally Activated 
oval:org.open-scap.rhel6:def:1005 true compliance TBD     Ensure that GPG Key for Red Hat is installed 
oval:org.open-scap.rhel6:def:1142 not evaluated compliance CCE-14692-8     Make the auditd Configuration Immutable 
oval:org.open-scap.rhel6:def:1141 not evaluated compliance CCE-14688-6     Ensure auditd Collects Information on Kernel Module Loading and Unloading 
oval:org.open-scap.rhel6:def:1140 not evaluated compliance CCE-14824-7     Ensure auditd Collects System Administrator Actions 
oval:org.open-scap.rhel6:def:1139 not evaluated compliance CCE-14820-5     Ensure auditd Collects Files Deletion Events by User (successful and unsuccessful) 
oval:org.open-scap.rhel6:def:1138 not evaluated compliance CCE-14569-8     Ensure auditd Collects Information on Exporting to Media (successful) 
oval:org.open-scap.rhel6:def:1137 not evaluated compliance CCE-14296-8     Ensure auditd Collects Information on the Use of Privileged Commands 
oval:org.open-scap.rhel6:def:1136 not evaluated compliance CCE-14917-9     Ensure auditd Collects Unauthorized Access Attempts to Files (unsuccessful) 
oval:org.open-scap.rhel6:def:1135 not evaluated compliance CCE-14058-2     Ensure auditd Collects Discretionary Access Control Permission Modification Events 
oval:org.open-scap.rhel6:def:1134 not evaluated compliance CCE-14679-5     Ensure auditd Collects Process and Session Initiation Information 
oval:org.open-scap.rhel6:def:1133 not evaluated compliance CCE-14904-7     Ensure auditd Collects Logon and Logout Events 
oval:org.open-scap.rhel6:def:1132 not evaluated compliance CCE-14821-3     Record Events that Modify the System’s Mandatory Access Controls 
oval:org.open-scap.rhel6:def:1131 not evaluated compliance CCE-14816-3     Record Events that Modify the System’s Network Environment 
oval:org.open-scap.rhel6:def:1130 not evaluated compliance CCE-14829-6     Record Events that Modify User/Group Information 
oval:org.open-scap.rhel6:def:1129 not evaluated compliance CCE-14051-7     Records Events that Modify Date and Time Information 
oval:org.open-scap.rhel6:def:1128 not evaluated compliance CCE-15026-8     Enable Auditing for Processes Which Start Prior to the Audit Daemon 
oval:org.open-scap.rhel6:def:1124 not evaluated compliance CCE-17248-6     Send Logs to a Remote Loghost  
oval:org.open-scap.rhel6:def:1123 not evaluated compliance CCE-18095-0     Confirm Existence and Permissions of System Log Files  
oval:org.open-scap.rhel6:def:1119 not evaluated compliance CCE-14027-7     Disable Support for RDS 
oval:org.open-scap.rhel6:def:1118 not evaluated compliance CCE-14132-5     Disable Support for SCTP 
oval:org.open-scap.rhel6:def:1117 not evaluated compliance CCE-14268-7     Disable Support for DCCP 
oval:org.open-scap.rhel6:def:1116 not evaluated compliance TBD     Log and Drop All Other Packets 
oval:org.open-scap.rhel6:def:1115 not evaluated compliance TBD     Restrict ICMP message types 
oval:org.open-scap.rhel6:def:1114 not evaluated compliance TBD     Change the default policy to DROP (from ACCEPT) for the FORWARD built-in chain 
oval:org.open-scap.rhel6:def:1113 not evaluated compliance CCE-14264-6     Change the default policy to DROP (from ACCEPT) for the INPUT built-in chain 
oval:org.open-scap.rhel6:def:1110 not evaluated compliance TBD     Reject Connections in TCP Wrapper by Default 
oval:org.open-scap.rhel6:def:1102 not evaluated compliance     Disable Automatic Configuration 
oval:org.open-scap.rhel6:def:1101 not evaluated compliance CCE-3562-6     Disable Automatic Loading of IPv6 Kernel Module 
oval:org.open-scap.rhel6:def:1100 not evaluated compliance CCE-4276-2     Deactivate Wireless Interfaces 
oval:org.open-scap.rhel6:def:1098 not evaluated compliance CCE-4080-8     Network Parameters for Hosts and Routers 
oval:org.open-scap.rhel6:def:1088 not evaluated compliance CCE-4217-6     Network Parameters for Hosts and Routers 
oval:org.open-scap.rhel6:def:1086 not evaluated compliance CCE-3561-8     Network Parameters for Hosts Only 
oval:org.open-scap.rhel6:def:1085 not evaluated compliance CCE-4155-8     Network Parameters for Hosts Only 
oval:org.open-scap.rhel6:def:1084 not evaluated compliance CCE-4151-7     Network Parameters for Hosts Only 
oval:org.open-scap.rhel6:def:1082 not evaluated compliance CCE-4148-3     Remove SETroubleshoot if Possible 
oval:org.open-scap.rhel6:def:1078 not evaluated compliance CCE-4188-9     Implement a GUI Warning Banner 
oval:org.open-scap.rhel6:def:1077 not evaluated compliance CCE-4060-0     Modify the System Login Banner 
oval:org.open-scap.rhel6:def:1076 not evaluated compliance CCE-3910-7     Configure GUI Screen Locking 
oval:org.open-scap.rhel6:def:1075 not evaluated compliance CCE-14735-5     Implement blank screen saver 
oval:org.open-scap.rhel6:def:1074 not evaluated compliance CCE-14023-6     Lock the screensaver with a password 
oval:org.open-scap.rhel6:def:1073 not evaluated compliance CCE-14604-3     Implement idle activation of screen saver 
oval:org.open-scap.rhel6:def:1072 not evaluated compliance CCE-3315-9     Configure GUI Screen Locking 
oval:org.open-scap.rhel6:def:1071 not evaluated compliance CCE-3707-7     Implement Inactivity Time-out for C Shells 
oval:org.open-scap.rhel6:def:1070 not evaluated compliance CCE-3707-7     Implement Inactivity Time-out for Bourne Shells 
oval:org.open-scap.rhel6:def:1069 not evaluated compliance CCE-4245-7     Disable Interactive Boot 
oval:org.open-scap.rhel6:def:1068 not evaluated compliance CCE-4241-6     Require Authentication for Single-User Mode 
oval:org.open-scap.rhel6:def:1067 not evaluated compliance CCE-3818-2     Set Boot Loader Password 
oval:org.open-scap.rhel6:def:1062 not evaluated compliance TBD     Ensure that Users Have Sensible Umask Values set in /etc/profile 
oval:org.open-scap.rhel6:def:1058 not evaluated compliance TBD     Ensure that User Dot-Files are not World-writable 
oval:org.open-scap.rhel6:def:1057 not evaluated compliance CCE-4090-7     Ensure that User Home Directories are not Group-Writable or World-Readable 
oval:org.open-scap.rhel6:def:1054 not evaluated compliance CCE-14939-3     Limit password reuse 
oval:org.open-scap.rhel6:def:1053 not evaluated compliance CCE-14063-2     Set Password hashing algorithm 
oval:org.open-scap.rhel6:def:1052 not evaluated compliance TBD     Set pam_passwdqc min parameter 
oval:org.open-scap.rhel6:def:1051 not evaluated compliance CCE-14701-7     Set Password difok Requirements 
oval:org.open-scap.rhel6:def:1050 not evaluated compliance CCE-14712-4     Set Password lcredit Requirements 
oval:org.open-scap.rhel6:def:1049 not evaluated compliance CCE-14122-6     Set Password ocredit Requirements 
oval:org.open-scap.rhel6:def:1048 not evaluated compliance CCE-14672-0     Set Password ucredit Requirements 
oval:org.open-scap.rhel6:def:1047 not evaluated compliance CCE-14113-5     Set Password dcredit Requirements 
oval:org.open-scap.rhel6:def:1046 not evaluated compliance CCE-4154-1     Set Minimum Password Length Requirement 
oval:org.open-scap.rhel6:def:1038 not evaluated compliance CCE-3987-5     Block Shell and Login Access for Non-Root System Accounts 
oval:org.open-scap.rhel6:def:1037 not evaluated compliance CCE-15047-4     Limit command Access to the Root Account 
oval:org.open-scap.rhel6:def:1034 not evaluated compliance TBD     Prevent Root Logins to Virtual Consoles 
oval:org.open-scap.rhel6:def:1030 not evaluated compliance CCE-4225-9     Disable Core Dumps 
oval:org.open-scap.rhel6:def:1009 not evaluated compliance CCE-14931-0     Verify Package Integrity Using RPM 
oval:org.open-scap.rhel6:def:1006 not evaluated compliance CCE-3416-5     Disable the rhnsd Daemon 
oval:org.open-scap.rhel6:def:1004 not evaluated compliance TBD     Ensure that /home has its own partition or logical volume 
oval:org.open-scap.rhel6:def:1003 not evaluated compliance TBD     Ensure that /var/log/audit has its own partition or logical volume 
oval:org.open-scap.rhel6:def:1002 not evaluated compliance TBD     Ensure that /var/log has its own partition or logical volum 
oval:org.open-scap.rhel6:def:1001 not evaluated compliance TBD     Ensure that /var has its own partition or logical volume 
oval:org.open-scap.rhel6:def:1000 not evaluated compliance TBD     Ensure that /tmp has its own partition or logical volume 
oval:org.open-scap.rhel6:def:1125 false compliance CCE-17248-6     Rsyslog shouldn't be run in a compatibility mode 
oval:org.open-scap.rhel6:def:1035 false compliance TBD     Prevent Root Logins to Serial Consoles 
oval:org.open-scap.rhel6:def:1025 false compliance CCE-3324-1     Find Unauthorized SUID System Executables 
oval:org.open-scap.rhel6:def:1023 false compliance CCE-3795-2     Find Unauthorized World-Writable Files 
oval:org.open-scap.rhel6:def:1022 false compliance CCE-3399-3     Verify that All World-Writable Directories Have Sticky Bits Set 
oval:org.open-scap.rhel6:def:1008 false compliance TBD     Ensure Package Signature Checking is Not Disabled For Any Repos