Guide to the Secure Configuration of Anolis OS 23
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Proxy Server
A proxy server is a very desirable target for a potential adversary because much (or all) sensitive data for a given infrastructure may flow throug...Group -
Disable Squid if Possible
If Squid was installed and activated, but the system does not need to act as a proxy server, then it should be disabled and removed.Group -
Disable Squid
Thesquidservice can be disabled with the following command:$ sudo systemctl mask --now squid.service
Rule Unknown Severity -
Remote Authentication Dial-In User Service (RADIUS)
Remote Authentication Dial-In User Service (RADIUS) is a networking protocol, operating on port 1812 that provides centralized Authentication, Auth...Group -
Hardware RNG Entropy Gatherer Daemon
The rngd feeds random data from hardware device to kernel random device.Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules