Guide to the Secure Configuration of Debian 11
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Configure System to Forward All Mail For The Root Account
Make sure that mails delivered to root user are forwarded to a monitored email address. Make sure that the address <xccdf-1.2:sub idref="xccdf_org.ssgproject.content_value_var_postfix_root_mail_ali...Rule Medium Severity -
Configure System to Forward All Mail From Postmaster to The Root Account
Verify the administrators are notified in the event of an audit processing failure. Check that the "/etc/aliases" file has a defined value for "root". <pre>$ sudo grep "postmaster:\s*root$" /etc/al...Rule Medium Severity -
Configure System to Forward All Mail through a specific host
Set up a relay host that will act as a gateway for all outbound email. Edit the file <code>/etc/postfix/main.cf</code> to ensure that only the following <code>relayhost</code> line appears: <pre>re...Rule Medium Severity -
NFS and RPC
The Network File System is a popular distributed filesystem for the Unix environment, and is very widely deployed. This section discusses the circumstances under which it is possible to disable NF...Group -
Disable All NFS Services if Possible
If there is not a reason for the system to operate as either an NFS client or an NFS server, follow all instructions in this section to disable subsystems required by NFS.Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules