Skip to content
ATO Pathways
  Log In

Guide to the Secure Configuration of Fedora

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Run Different Network Services on Separate Systems

    Whenever possible, a server should be dedicated to serving exactly one network service. This limits the number of other services that can be compro...
    Group
    Show

  • Configure Security Tools to Improve System Robustness

    Several tools exist which can be effectively used to improve a system's resistance to and detection of unknown attacks. These tools can improve rob...
    Group
    Show

  • How to Use This Guide

    Readers should heed the following points when using the guide.
    Group
    Show

  • Formatting Conventions

    Commands intended for shell execution, as well as configuration file text, are featured in a <code>monospace font</code>. <i>Italics</i> are used t...
    Group
    Show

  • Read Sections Completely and in Order

    Each section may build on information and recommendations discussed in prior sections. Each section should be read and understood completely; instr...
    Group
    Show

  • Verify File Hashes with RPM

    Without cryptographic integrity protections, system executables and files can be altered by unauthorized users without detection. The RPM package m...
    Rule High Severity
    Show

  • Verify and Correct File Permissions with RPM

    The RPM package management system can check file access permissions of installed software packages, including many that are important to system sec...
    Rule High Severity
    Show

  • Configure SSH Client to Use FIPS 140-2 Validated MACs: openssh.config

    Crypto Policies provide a centralized control over crypto algorithms usage of many packages. OpenSSH is supported by system crypto policy, but the ...
    Rule Medium Severity
    Show

  • Ensure /dev/shm is configured

    The <code>/dev/shm</code> is a traditional shared memory concept. One program will create a memory portion, which other processes (if permitted) ca...
    Rule Low Severity
    Show

  • Install cryptsetup Package

    The cryptsetup package can be installed with the following command: 
    $ sudo dnf install cryptsetup
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules