| AZLX-23-002605 | V1R2 | Amazon Linux 2023 must protect against or limit the effects of denial-of-service (DoS) attacks by ensuring rate-limiting measures are configured on impacted network interfaces. | Amazon Linux 2023 |
| ALMA-09-042370 | V1R5 | AlmaLinux OS 9 must protect against or limit the effects of denial-of-service (DoS) attacks by ensuring rate-limiting measures on impacted network interfaces are implemented. | AlmaLinux OS 9 |
| ALMA-09-042480 | V1R5 | AlmaLinux OS 9 must be configured to use TCP syncookies. | AlmaLinux OS 9 |
| OL07-00-040510 | V3R5 | The Oracle Linux operating system must protect against or limit the effects of Denial of Service (DoS) attacks by validating the operating system is implementing rate-limiting measures on impacted network interfaces. | Oracle Linux 7 |
| OL09-00-006000 | V1R4 | OL 9 must protect against or limit the effects of denial-of-service (DoS) attacks by ensuring rate-limiting measures on impacted network interfaces are implemented. | Oracle Linux 9 |
| OL09-00-006050 | V1R4 | OL 9 must be configured to use TCP syncookies. | Oracle Linux 9 |
| RHEL-10-000530 | V1R1 | RHEL 10 must use a separate file system for user home directories (such as "/home" or an equivalent). | Red Hat Enterprise Linux 10 |
| RHEL-10-000540 | V1R1 | RHEL 10 must use a separate file system for "/tmp". | Red Hat Enterprise Linux 10 |
| RHEL-10-000550 | V1R1 | RHEL 10 must use a separate file system for "/var". | Red Hat Enterprise Linux 10 |
| RHEL-10-000560 | V1R1 | RHEL 10 must use a separate file system for "/var/log". | Red Hat Enterprise Linux 10 |
| RHEL-10-000570 | V1R1 | RHEL 10 must use a separate file system for "/var/tmp". | Red Hat Enterprise Linux 10 |
| RHEL-10-200643 | V1R1 | RHEL 10 must be configured so that the rsyslog daemon does not accept log messages from other servers unless the server is being used for log aggregation. | Red Hat Enterprise Linux 10 |
| RHEL-10-600180 | V1R1 | RHEL 10 must assign a home directory to all local interactive users in the "/etc/passwd" file. | Red Hat Enterprise Linux 10 |
| RHEL-10-600190 | V1R1 | RHEL 10 must ensure that all local interactive user home directories defined in the "/etc/passwd" file must exist. | Red Hat Enterprise Linux 10 |
| RHEL-10-700820 | V1R1 | RHEL 10 must prevent a user from overriding the Ctrl-Alt-Del sequence settings for the graphical user interface. | Red Hat Enterprise Linux 10 |
| RHEL-10-700830 | V1R1 | RHEL 10 must disable the ability of a user to accidentally press Ctrl-Alt-Del and cause a system to shut down or reboot. | Red Hat Enterprise Linux 10 |
| RHEL-10-800060 | V1R1 | RHEL 10 must have at least two name servers configured for systems using Domain Name Server (DNS) resolution. | Red Hat Enterprise Linux 10 |
| RHEL-10-800080 | V1R1 | RHEL 10 must be configured to use Transmission Control Protocol (TCP) syncookies. | Red Hat Enterprise Linux 10 |
| RHEL-10-800090 | V1R1 | RHEL 10 must ignore Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect messages. | Red Hat Enterprise Linux 10 |
| RHEL-10-800100 | V1R1 | RHEL 10 must not forward Internet Protocol version 4 (IPv4) source-routed packets. | Red Hat Enterprise Linux 10 |
| RHEL-10-800110 | V1R1 | RHEL 10 must log Internet Protocol version 4 (IPv4) packets with impossible addresses. | Red Hat Enterprise Linux 10 |
| RHEL-10-800120 | V1R1 | RHEL 10 must log Internet Protocol version 4 (IPv4) packets with impossible addresses by default. | Red Hat Enterprise Linux 10 |
| RHEL-10-800130 | V1R1 | RHEL 10 must use reverse path filtering on all Internet Protocol version 4 (IPv4) interfaces. | Red Hat Enterprise Linux 10 |
| RHEL-10-800140 | V1R1 | RHEL 10 must prevent Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect messages from being accepted. | Red Hat Enterprise Linux 10 |
| RHEL-10-800150 | V1R1 | RHEL 10 must not forward Internet Protocol version 4 (IPv4) source-routed packets by default. | Red Hat Enterprise Linux 10 |
| RHEL-10-800160 | V1R1 | RHEL 10 must use a reverse-path filter for Internet Protocol version 4 (IPv4) network traffic when possible by default. | Red Hat Enterprise Linux 10 |
| RHEL-10-800170 | V1R1 | RHEL 10 must not respond to Internet Control Message Protocol (ICMP) echoes sent to a broadcast address. | Red Hat Enterprise Linux 10 |
| RHEL-10-800180 | V1R1 | RHEL 10 must limit the number of bogus Internet Control Message Protocol (ICMP) response errors logs. | Red Hat Enterprise Linux 10 |
| RHEL-10-800190 | V1R1 | RHEL 10 must not send Internet Control Message Protocol (ICMP) redirects. | Red Hat Enterprise Linux 10 |
| RHEL-10-800200 | V1R1 | RHEL 10 must not allow interfaces to perform Internet Control Message Protocol (ICMP) redirects by default. | Red Hat Enterprise Linux 10 |
| RHEL-10-800210 | V1R1 | RHEL 10 must not enable Internet Protocol version 4 (IPv4) packet forwarding unless the system is a router. | Red Hat Enterprise Linux 10 |
| RHEL-10-800220 | V1R1 | RHEL 10 must not accept router advertisements on all Internet Protocol version 6 (IPv6) interfaces. | Red Hat Enterprise Linux 10 |
| RHEL-10-800230 | V1R1 | RHEL 10 must ignore IPv6 Internet Control Message Protocol (ICMP) redirect messages. | Red Hat Enterprise Linux 10 |
| RHEL-10-800240 | V1R1 | RHEL 10 must not forward Internet Protocol version 6 (IPv6) source-routed packets. | Red Hat Enterprise Linux 10 |
| RHEL-10-800250 | V1R1 | RHEL 10 must not enable Internet Protocol version 6 (IPv6) packet forwarding unless the system is a router. | Red Hat Enterprise Linux 10 |
| RHEL-10-800260 | V1R1 | RHEL 10 must not accept router advertisements on all Internet Protocol version 6 (IPv6) interfaces by default. | Red Hat Enterprise Linux 10 |
| RHEL-10-800270 | V1R1 | RHEL 10 must prevent Internet Protocol version 6 (IPv6) Internet Control Message Protocol (ICMP) redirect messages from being accepted. | Red Hat Enterprise Linux 10 |
| RHEL-10-800280 | V1R1 | RHEL 10 must not forward Internet Protocol version 6 (IPv6) source-routed packets by default. | Red Hat Enterprise Linux 10 |
| RHEL-10-800290 | V1R1 | RHEL 10 must protect against or limit the effects of denial-of-service (DoS) attacks by ensuring that rate-limiting measures on impacted network interfaces are implemented. | Red Hat Enterprise Linux 10 |
| RHEL-10-800300 | V1R1 | RHEL 10 must configure a DNS processing mode in Network Manager to avoid conflicts with other Domain Name Server (DNS) managers and to not leak DNS queries to untrusted networks. | Red Hat Enterprise Linux 10 |
| RHEL-08-040150 | V2R6 | A firewall must be able to protect against or limit the effects of Denial of Service (DoS) attacks by ensuring RHEL 8 can implement rate-limiting measures on impacted network interfaces. | Red Hat Enterprise Linux 8 |
| RHEL-09-251030 | V2R7 | RHEL 9 must protect against or limit the effects of denial-of-service (DoS) attacks by ensuring rate-limiting measures on impacted network interfaces are implemented. | Red Hat Enterprise Linux 9 |
| SLES-12-030040 | V3R4 | SuSEfirewall2 must protect against or limit the effects of Denial-of-Service (DoS) attacks on the SUSE operating system by implementing rate-limiting measures on impacted network interfaces. | SUSE Linux Enterprise 12 |
| TOSS-04-040480 | V2R3 | A firewall must be able to protect against or limit the effects of Denial of Service (DoS) attacks by ensuring TOSS can implement rate-limiting measures on impacted network interfaces. | Tri-Lab Operating System Stack |
| UBTU-18-010512 | V2R15 | The Ubuntu operating system must configure the uncomplicated firewall to rate-limit impacted network interfaces. | Ubuntu 18.04 |
| UBTU-20-010446 | V2R3 | The Ubuntu operating system must configure the uncomplicated firewall to rate-limit impacted network interfaces. | Ubuntu 20.04 |
| UBTU-22-251025 | V2R7 | Ubuntu 22.04 LTS must configure the Uncomplicated Firewall (ufw) to rate-limit impacted network interfaces. | Ubuntu 22.04 |
| UBTU-24-600200 | V1R1 | Ubuntu 24.04 LTS must configure the uncomplicated firewall to rate-limit impacted network interfaces. | Ubuntu 24.04 |
| WN10-CC-000035 | V3R6 | The system must be configured to ignore NetBIOS name release requests except from WINS servers. | Microsoft Windows 10 |
| WN10-CC-000220 | V3R6 | Turning off File Explorer heap termination on corruption must be disabled. | Microsoft Windows 10 |
| WN11-CC-000035 | V2R5 | The system must be configured to ignore NetBIOS name release requests except from WINS servers. | Microsoft Windows 11 |
| WN11-CC-000220 | V2R5 | File Explorer heap termination on corruption must be disabled. | Microsoft Windows 11 |
| WN16-CC-000070 | V2R9 | Windows Server 2016 must be configured to ignore NetBIOS name release requests except from WINS servers. | Microsoft Windows Server 2016 |
| WN19-CC-000060 | V3R7 | Windows Server 2019 must be configured to ignore NetBIOS name release requests except from WINS servers. | Microsoft Windows Server 2019 |
| WN22-CC-000060 | V2R7 | Windows Server 2022 must be configured to ignore NetBIOS name release requests except from WINS servers. | Microsoft Windows Server 2022 |
| WN25-CC-000060 | V1R1 | Windows Server 2025 must be configured to ignore NetBIOS name release requests except from WINS servers. | Microsoft Windows Server 2025 |