Skip to content
ATO Pathways
  Log In

Guide to the Secure Configuration of Oracle Linux 10

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Verify User Who Owns /etc/ipsec.d Directory

    To properly set the owner of /etc/ipsec.d, run the command: 
    $ sudo chown root /etc/ipsec.d
    Rule Medium Severity
    Show

  • Verify Permissions On /etc/ipsec.d Directory

    To properly set the permissions of /etc/ipsec.d, run the command: 
    $ sudo chmod 0700 /etc/ipsec.d
    Rule Medium Severity
    Show

  • Verify Group Who Owns /etc/ipsec.conf File

    To properly set the group owner of /etc/ipsec.conf, run the command: 
    $ sudo chgrp root /etc/ipsec.conf
    Rule Medium Severity
    Show

  • Verify Group Who Owns /etc/ipsec.secrets File

    To properly set the group owner of /etc/ipsec.secrets, run the command: 
    $ sudo chgrp root /etc/ipsec.secrets
    Rule Medium Severity
    Show

  • Verify User Who Owns /etc/ipsec.conf File

    To properly set the owner of /etc/ipsec.conf, run the command: 
    $ sudo chown root /etc/ipsec.conf
    Rule Medium Severity
    Show

  • Verify User Who Owns /etc/ipsec.secrets File

    To properly set the owner of /etc/ipsec.secrets, run the command: 
    $ sudo chown root /etc/ipsec.secrets
    Rule Medium Severity
    Show

  • Verify Permissions On /etc/ipsec.conf File

    To properly set the permissions of /etc/ipsec.conf, run the command: 
    $ sudo chmod 0644 /etc/ipsec.conf
    Rule Medium Severity
    Show

  • Verify Permissions On /etc/ipsec.secrets File

    To properly set the permissions of /etc/ipsec.secrets, run the command: 
    $ sudo chmod 0644 /etc/ipsec.secrets
    Rule Medium Severity
    Show

  • iptables and ip6tables

    A host-based firewall called <code>netfilter</code> is included as part of the Linux kernel distributed with the system. It is activated by default...
    Group
    Show

  • Verify Group Who Owns /etc/iptables Directory

    To properly set the group owner of /etc/iptables, run the command: 
    $ sudo chgrp root /etc/iptables
    Rule Medium Severity
    Show

  • Verify User Who Owns /etc/iptables Directory

    To properly set the owner of /etc/iptables, run the command: 
    $ sudo chown root /etc/iptables
    Rule Medium Severity
    Show

  • Verify Permissions On /etc/iptables Directory

    To properly set the permissions of /etc/iptables, run the command: 
    $ sudo chmod 0700 /etc/iptables
    Rule Medium Severity
    Show

  • IPv6

    The system includes support for Internet Protocol version 6. A major and often-mentioned improvement over IPv4 is its enormous increase in the numb...
    Group
    Show

  • Configure IPv6 Settings if Necessary

    A major feature of IPv6 is the extent to which systems implementing it can automatically configure their networking devices using information from ...
    Group
    Show

  • net.ipv6.conf.all.accept_ra_defrtr

    Accept default router in router advertisements?
    Value
    Show

  • net.ipv6.conf.all.accept_ra_pinfo

    Accept prefix information in router advertisements?
    Value
    Show

  • net.ipv6.conf.all.accept_ra_rtr_pref

    Accept router preference in router advertisements?
    Value
    Show

  • net.ipv6.conf.all.accept_redirects

    Toggle ICMP Redirect Acceptance
    Value
    Show

  • net.ipv6.conf.all.accept_source_route

    Trackers could be using source-routed packets to generate traffic that seems to be intra-net, but actually was created outside and has been redirec...
    Value
    Show

  • net.ipv6.conf.all.autoconf

    Enable auto configuration on IPv6 interfaces
    Value
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules