Skip to content
ATO Pathways
  Log In

Guide to the Secure Configuration of Oracle Linux 9

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Test in Non-Production Environment

    This guidance should always be tested in a non-production environment before deployment. This test environment should simulate the setup in which t...
    Group
    Show

  • 389 Directory Server

    389 Directory Server is a popular open-source LDAP server for Linux.
    Group
    Show

  • SSH Strong MACs by FIPS

    Specify the FIPS approved MACs (Message Authentication Code) algorithms that are used for data integrity protection by the SSH server.
    Value
    Show

  • Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces

    To set the runtime status of the <code>net.ipv4.conf.all.forwarding</code> kernel parameter, run the following command: <pre>$ sudo sysctl -w net.i...
    Rule Medium Severity
    Show

  • Verify File Hashes with RPM

    Without cryptographic integrity protections, system executables and files can be altered by unauthorized users without detection. The RPM package m...
    Rule High Severity
    Show

  • Verify and Correct Ownership with RPM

    The RPM package management system can check file ownership permissions of installed software packages, including many that are important to system ...
    Rule High Severity
    Show

  • Verify and Correct File Permissions with RPM

    The RPM package management system can check file access permissions of installed software packages, including many that are important to system sec...
    Rule High Severity
    Show

  • Configure SSH Client to Use FIPS 140-2 Validated MACs: openssh.config

    Crypto Policies provide a centralized control over crypto algorithms usage of many packages. OpenSSH is supported by system crypto policy, but the ...
    Rule Medium Severity
    Show

  • Ensure /dev/shm is configured

    The <code>/dev/shm</code> is a traditional shared memory concept. One program will create a memory portion, which other processes (if permitted) ca...
    Rule Low Severity
    Show

  • Ensure PAM Displays Last Logon/Access Notification

    To configure the system to notify users of last logon/access using <code>pam_lastlog</code>, add or correct the <code>pam_lastlog</code> settings i...
    Rule Low Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules