Skip to content
Log In

Guide to the Secure Configuration of Oracle Linux 9

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Disable network management of chrony daemon

    The cmdport option in /etc/chrony.conf can be set to 0 to stop chrony daemon from listening on the UDP port 323 for management connections made by chronyc.
    Rule Low Severity
    Show

  • Configure Time Service Maxpoll Interval

    The <code>maxpoll</code> should be configured to <xccdf-1.2:sub idref="xccdf_org.ssgproject.content_value_var_time_service_set_maxpoll" use="legacy"></xccdf-1.2:sub> in <code>/etc/ntp.conf</code> o...
    Rule Medium Severity
    Show

  • Ensure Chrony is only configured with the server directive

    Check that Chrony only has time sources configured with the server directive.
    Rule Medium Severity
    Show

  • Obsolete Services

    This section discusses a number of network-visible services which have historically caused problems for system security, and for which disabling or severely limiting the service has been the best a...
    Group
    Show

  • Rlogin, Rsh, and Rexec

    The Berkeley r-commands are legacy services which allow cleartext remote access and have an insecure trust model.
    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules