Guide to the Secure Configuration of Oracle Linux 8
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Restrict the Set of Users Allowed to Access FTP
This section describes how to disable non-anonymous (password-based) FTP logins, or, if it is not possible to do this entirely due to legacy applications, how to restrict insecure FTP login to only...Group -
Limit Users Allowed FTP Access if Necessary
If there is a mission-critical reason for users to access their accounts via the insecure FTP protocol, limit the set of users who are allowed this access. Edit the vsftpd configuration file. Add o...Rule Unknown Severity -
Kerberos
The Kerberos protocol is used for authentication across non-secure network. Authentication can happen between various types of principals -- users, service, or hosts. Their identity and encryption ...Group -
Remove the Kerberos Server Package
The <code>krb5-server</code> package should be removed if not in use. Is this system the Kerberos server? If not, remove the package. The <code>krb5-server</code> package can be removed with the fo...Rule Medium Severity -
Disable Kerberos by removing host keytab
Kerberos is not an approved key distribution method for Common Criteria. To prevent using Kerberos by system daemons, remove the Kerberos keytab files, especially/etc/krb5.keytab.Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules