Skip to content
ATO Pathways
  Log In

Guide to the Secure Configuration of SUSE Linux Enterprise Micro 5

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Ensure Software Patches Installed

    If the system is configured for online updates, invoking the following command will list available security updates: <pre>$ sudo zypper refresh &a...
    Rule Medium Severity
    Show

  • Warning Banners for System Accesses

    Each system should expose as little information about itself as possible. <br> <br> System banners, which are typically displayed just befor...
    Group
    Show

  • Login Banner Verbiage

    Enter an appropriate login banner for your organization. Please note that new lines must be expressed by the '\n' character and special characters ...
    Value
    Show

  • Modify the System Login Banner

    To configure the system login banner edit <code>/etc/issue</code>. Replace the default text with a message compliant with the local site policy or...
    Rule Medium Severity
    Show

  • Password Hashing algorithm

    Specify the system default encryption algorithm for encrypting passwords. Defines the value set as ENCRYPT_METHOD in /etc/login.defs.
    Value
    Show

  • Password Hashing algorithm for pam_unix.so

    Specify the system default encryption algorithm for encrypting passwords. Defines the hashing algorithm to be used in pam_unix.so.
    Value
    Show

  • Ensure PAM Displays Last Logon/Access Notification

    To configure the system to notify users of last logon/access using <code>pam_lastlog</code>, add or correct the <code>pam_lastlog</code> settings i...
    Rule Low Severity
    Show

  • The PAM configuration should not be changed automatically

    Verify the SUSE operating system is configured to not overwrite Pluggable Authentication Modules (PAM) configuration on package changes.
    Rule Medium Severity
    Show

  • Set Deny For Failed Password Attempts

    The SUSE Linux Enterprise Micro 5 operating system must lock an account after - at most - <xccdf-1.2:sub xmlns:xccdf-1.2="http://checklists.nist.go...
    Rule Medium Severity
    Show

  • Set Password Quality Requirements

    The default <code>pam_pwquality</code> PAM module provides strength checking for passwords. It performs a number of checks, such as making sure pas...
    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules