Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-102331

Rule "Ensure events that modify the system's networkenvironment are collected" is not handling /etc/NetworkManager

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • rhel-9.6
    • scap-security-guide
    • None
    • rhel-security-compliance
    • 2
    • False
    • False
    • Hide

      None

      Show
      None
    • No
    • Red Hat Enterprise Linux
    • None
    • Unspecified Release Note Type - Unknown
    • Unspecified
    • Unspecified
    • Unspecified
    • None

      As per CIS_Red_Hat_Enterprise_Linux_9_Benchmark_v2.0.0 specification, "Ensure events that modify the system's networkenvironment are collected" is supposed to track modifications in /etc/NetworkManager, which is the new location for network configuration snippets.

      What is the reason for not having this yet?
      Is it due to needing to use -w /etc/NetworkManager audit rules which is deprecated and may lead to performance issues or just lack of time to do so?

              rh-ee-adenisov Artem Denisov
              rhn-support-rmetrich Renaud Métrich
              Vojtech Polasek Vojtech Polasek
              SSG Security QE SSG Security QE
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated: