Skip to content
ATO Pathways
  Log In

Guide to the Secure Configuration of Ubuntu 16.04

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Dectivate firewalld Rules

    Firewalls can be used to separate networks into different zones based on the level of trust the user has decided to place on the devices and traffi...
    Group
    Show

  • Network Manager

    The NetworkManager daemon configures a variety of network connections. This section discusses how to configure NetworkManager.
    Group
    Show

  • NetoworkManager DNS Mode

    This sets how NetworkManager handles DNS. none - NetworkManager will not modify resolv.conf. default - NetworkManager will update /etc/resolv.con...
    Value
    Show

  • Ensure /dev/shm is configured

    The <code>/dev/shm</code> is a traditional shared memory concept. One program will create a memory portion, which other processes (if permitted) ca...
    Rule Low Severity
    Show

  • Ensure PAM Displays Last Logon/Access Notification

    To configure the system to notify users of last logon/access using <code>pam_lastlog</code>, add or correct the <code>pam_lastlog</code> settings i...
    Rule Low Severity
    Show

  • Prevent Login to Accounts With Empty Password

    If an account is configured for password authentication but does not have an assigned password, it may be possible to log into the account without ...
    Rule High Severity
    Show

  • Record Attempts to Alter Logon and Logout Events

    The audit system already collects login information for all users and root. If the <code>auditd</code> daemon is configured to use the <code>augenr...
    Group
    Show

  • Type of hostname to record the audit event

    Type of hostname to record the audit event
    Value
    Show

  • Restrict unprivileged access to the kernel syslog

    Enforce restrictions on unprivileged users reading the kernel syslog via dmesg(8). The configuration that was used to build kernel is available at...
    Rule Medium Severity
    Show

  • Ensure Log Files Are Owned By Appropriate Group

    The group-owner of all log files written by <code>rsyslog</code> should be <code>adm</code>. These log files are determined by the second part of e...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules