Exceptions to STIG Compliance - 2
CCE-80851-9 Ensure /tmp Located On Separate Partition
- Check:
Verify that a separate file system/partition has been created for "/tmp". Check that a file system/partition has been created for "/tmp" with the following command:
systemctl is-enabled tmp.mount
enabled
If the "tmp.mount" service is not enabled, check to see if "/tmp" is defined in the fstab with a device and mount point:
grep -i /tmp /etc/fstab
UUID=a411dc99-f2a1-4c87-9e05-184977be8539 /tmp ext4 rw,relatime,discard,data=ordered,nosuid,noexec, 0 0
If "tmp.mount" service is not enabled or the "/tmp" directory is not defined in the fstab with a device and mount point, this is a finding.
- Comments:
Future Feature - NetWitness Platform does not meet this requirement. NetWitness plans to fix this in a future release of NetWitness Platform.
CCE-80852-7 Ensure /var Located On Separate Partition
- Check:
Verify that a separate file system/partition has been created for "/var". Check that a file system/partition has been created for "/var" with the following command:
grep /var /etc/fstab
UUID=c274f65f /var ext4 noatime,nobarrier 1 2
If a separate entry for "/var" is not in use, this is a finding.
- Comments:
Not a Finding. Hardware is dedicated for NetWitness, and NetWitness software is installed in /var/netwitness by default and a separate partition is on /var/netwitness.
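The two checks above (CCE-80851-9 for /tmp and CCE-80852-7 for /var) can be scripted so that an auditor does not have to eyeball grep output. The following POSIX shell script is an added example, not part of this page and not NetWitness code. It compares the fstab mount-point field exactly, because a bare "grep /var /etc/fstab" also matches /var/netwitness or /var/tmp and would pass a system that has no separate /var. The fstab content it runs against is constructed for the example; the function names and the sample UUIDs other than the two quoted on the page are assumptions.

```shell
#!/bin/sh
# Added example (not from the NetWitness page or the STIG itself): decide
# whether a directory is on its own file system, following the two checks
# quoted above: tmp.mount enabled, or an fstab entry with a device and an
# exactly matching mount point.

# fstab_has_mount FSTAB MOUNTPOINT
# Returns 0 when FSTAB has a non-comment line whose second field is exactly
# MOUNTPOINT (first field, the device, must be present). Substring matches
# such as /var/netwitness for /var are deliberately NOT accepted.
fstab_has_mount() {
    awk -v mp="$2" '
        /^[ \t]*#/ { next }                      # skip commented-out entries
        NF >= 2 && $2 == mp { found = 1 }       # device and exact mount point
        END { exit found ? 0 : 1 }
    ' "$1"
}

# tmp_mount_enabled: the systemd route for /tmp from the first check.
# If systemctl is not available, report "not enabled" and let fstab decide.
tmp_mount_enabled() {
    command -v systemctl >/dev/null 2>&1 || return 1
    [ "$(systemctl is-enabled tmp.mount 2>/dev/null)" = "enabled" ]
}

# separate_partition_finding FSTAB MOUNTPOINT
# Prints the verdict in the page's "Finding / Not a Finding" wording and
# returns 0 for Not a Finding, 1 for Finding.
separate_partition_finding() {
    fstab="$1"; mp="$2"
    if [ "$mp" = "/tmp" ] && tmp_mount_enabled; then
        echo "Not a Finding: tmp.mount is enabled"; return 0
    fi
    if fstab_has_mount "$fstab" "$mp"; then
        echo "Not a Finding: $mp has its own fstab entry"; return 0
    fi
    echo "Finding: $mp is not defined in $fstab with a device and mount point"
    return 1
}

# Constructed sample fstab for an offline run (not a real system's file).
# /var itself is commented out while /var/netwitness is present, which is
# exactly the case the exact-match comparison must treat as a finding.
SAMPLE_FSTAB="$(mktemp)"
trap 'rm -f "$SAMPLE_FSTAB"' EXIT
cat > "$SAMPLE_FSTAB" <<'EOF'
# constructed sample fstab
UUID=11111111-2222-3333-4444-555555555555 /               ext4 defaults                   1 1
UUID=66666666-7777-8888-9999-000000000000 /var/netwitness xfs  defaults                   0 0
UUID=a411dc99-f2a1-4c87-9e05-184977be8539 /tmp            ext4 rw,relatime,nosuid,noexec 0 0
#UUID=c274f65f /var ext4 noatime,nobarrier 1 2
EOF

separate_partition_finding "$SAMPLE_FSTAB" /tmp
separate_partition_finding "$SAMPLE_FSTAB" /var/netwitness
separate_partition_finding "$SAMPLE_FSTAB" /var || true
```

Run against the real file with `separate_partition_finding /etc/fstab /var`. On the sample, /var is reported as a finding even though /var/netwitness has its own partition; that is the literal STIG check, and the vendor's "Not a Finding" comment above is an exception justified on other grounds, not something the check itself would return.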
Rules Supported in a Future Release
The following checks for non-compliance to STIG rules are not supported in NetWitness Platform and will be added in a future release.
CCE-80920-2 Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default
- Check:
Future Feature.
CCE-86220-1 Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces
- Check:
Future Feature.
CCE-81006-9 Disable Accepting ICMP Redirects for All IPv6 Interfaces
- Check:
Future Feature.
CCE-81013-5 Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces
- Check:
Future Feature.
CCE-82863-2 Disable Kernel Parameter for IPv6 Forwarding
- Check:
Future Feature.
CCE-81007-7 Disable Accepting Router Advertisements on all IPv6 Interfaces by Default
- Check:
Future Feature.
CCE-81010-1 Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces
- Check:
Future Feature.
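The seven kernel-parameter rules listed above are given only by CCE id and title, so the page does not say what an auditor would check. The following POSIX shell script is an added example, not from this page and not NetWitness code: it audits a sysctl configuration file against the expected value 0 for each rule. The sysctl key assigned to each CCE id is my mapping of the rule title onto the standard Linux kernel parameter names and is an assumption, as are the function names and the constructed configuration file it runs against.

```shell
#!/bin/sh
# Added example (not from the page or from NetWitness). Each line below pairs
# a CCE id from the page with the sysctl key I assume the rule title refers
# to, and the value the rule wants ("Disable ..." means 0).
RULES='
CCE-80920-2 net.ipv4.conf.default.accept_source_route 0
CCE-86220-1 net.ipv4.ip_forward 0
CCE-81006-9 net.ipv6.conf.all.accept_redirects 0
CCE-81013-5 net.ipv6.conf.all.accept_source_route 0
CCE-82863-2 net.ipv6.conf.all.forwarding 0
CCE-81007-7 net.ipv6.conf.default.accept_ra 0
CCE-81010-1 net.ipv6.conf.default.accept_redirects 0
'

# conf_value FILE KEY: prints the value of the last non-comment "KEY = value"
# line in FILE (later lines win, as they do when sysctl -p applies the file);
# prints nothing if the key is not set at all.
conf_value() {
    awk -v key="$2" -F'=' '
        /^[ \t]*[#;]/ { next }                        # comment lines
        NF >= 2 {
            k = $1; sub(/^[ \t]+/, "", k); sub(/[ \t]+$/, "", k)
            if (k == key) {
                v = $2; sub(/^[ \t]+/, "", v); sub(/[ \t]+$/, "", v)
            }
        }
        END { if (v != "") print v }
    ' "$1"
}

# audit_sysctl_file FILE: one verdict line per rule, in the page's wording.
# An unset key is reported as a finding because the kernel default may not
# be the hardened value.
audit_sysctl_file() {
    file="$1"
    printf '%s\n' "$RULES" | while read -r cce key expected; do
        [ -n "$cce" ] || continue
        actual="$(conf_value "$file" "$key")"
        if [ "$actual" = "$expected" ]; then
            echo "Not a Finding: $cce $key = $actual"
        else
            echo "Finding: $cce $key expected $expected, got ${actual:-<unset>}"
        fi
    done
}

# count_findings FILE: number of rules that fail.
count_findings() {
    audit_sysctl_file "$1" | grep -c '^Finding'
}

# Constructed sample configuration (not a real host's file). ip_forward is
# first hardened and then re-enabled by a later line, and the IPv6 default
# accept_redirects key is never set, so two findings are expected.
SAMPLE_CONF="$(mktemp)"
trap 'rm -f "$SAMPLE_CONF"' EXIT
cat > "$SAMPLE_CONF" <<'EOF'
# constructed sample sysctl configuration
net.ipv4.ip_forward = 0
net.ipv4.conf.default.accept_source_route = 0
net.ipv6.conf.all.accept_redirects = 0
net.ipv6.conf.all.accept_source_route = 0
net.ipv6.conf.all.forwarding = 0
net.ipv6.conf.default.accept_ra = 0
# a later drop-in re-enabling forwarding overrides the hardened line above
net.ipv4.ip_forward = 1
EOF

audit_sysctl_file "$SAMPLE_CONF"
echo "findings: $(count_findings "$SAMPLE_CONF")"
```

This audits what is configured, not what is live: a file can be correct while the running kernel differs (a later drop-in, or a runtime change). To audit the running values, replace the `conf_value "$file" "$key"` call with `sysctl -n "$key"` on the host being checked.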