Guide to the Secure Configuration of Ubuntu 16.04
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Password Hashing algorithm
Specify the number of SHA rounds for the system password encryption algorithm. Defines the value set in <code>/etc/pam.d/system-auth</code> and <co...Value -
Verify All Account Password Hashes are Shadowed
If any password hashes are stored in <code>/etc/passwd</code> (in the second field, instead of an <code>x</code> or <code>*</code>), the cause of t...Rule Medium Severity -
Ensure all users last password change date is in the past
All users should have a password change date in the past.Rule Medium Severity -
All GIDs referenced in /etc/passwd must be defined in /etc/group
Add a group to the system for each GID referenced without a corresponding group.Rule Low Severity -
The percentage remaining in disk space before prompting admin_space_left_action
The setting for admin_space_left as a percentage in /etc/audit/auditd.confValue -
Secure Session Configuration Files for Login Accounts
When a user logs into a Unix account, the system configures the user's session by reading a number of files. Many of these files are located in the...Group -
Ensure There Are No Accounts With Blank or Null Passwords
Check the "/etc/shadow" file for blank passwords with the following command: <pre>$ sudo awk -F: '!$2 {print $1}' /etc/shadow</pre> If the command ...Rule High Severity -
Verify No netrc Files Exist
The <code>.netrc</code> files contain login information used to auto-login into FTP servers and reside in the user's home directory. These files ma...Rule Medium Severity -
Restrict Root Logins
Direct root logins should be allowed only for emergency use. In normal situations, the administrator should access the system via a unique unprivil...Group -
Group Name Used by pam_wheel Group Parameter
pam_wheel module has a parameter called group, which controls which groups can access the su command. This variable holds the valid value for the p...Value
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.