[ Thanks to Jamie Adams for this link. ]
For Red Hat Enterprise Linux 5 administrators, this
Security Technical Implementation Guide (STIG) has supplanted the
generic UNIX STIG.The generic UNIX STIG had the single potential discrepancy
indicator (PDI) GEN003600 – Network Security Settings.The checklist
document required you to check four network settings in the running
kernel. The new Red Hat 5 STIG, however, has many more settings and
provides better explanations. I would caution administrators from
rushing to add all because most are defaults.