Skip to content
Log In

Guide to the Secure Configuration of Ubuntu 20.04

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Disable Cyrus IMAP

    If the system does not need to operate as an IMAP or POP3 server, the Cyrus IMAP software should be removed.
    Group
    Show

  • Disable Dovecot

    If the system does not need to operate as an IMAP or POP3 server, the dovecot software should be disabled and removed.
    Group
    Show

  • Uninstall dovecot Package

    The dovecot-core package can be removed with the following command: 
    $ apt-get remove dovecot-core
    Rule Unknown Severity
    Show

  • LDAP

    LDAP is a popular directory service, that is, a standardized way of looking up information from a central database. Ubuntu 20.04 includes software that enables a system to act as both an LDAP clien...
    Group
    Show

  • Configure OpenLDAP Clients

    This section provides information on which security settings are important to configure in OpenLDAP clients by manually editing the appropriate configuration files. Ubuntu 20.04 provides an automa...
    Group
    Show

  • Configure OpenLDAP Server

    This section details some security-relevant settings for an OpenLDAP server.
    Group
    Show

  • Uninstall openldap-servers Package

    The slapd package is not installed by default on a Ubuntu 20.04 system. It is needed only by the OpenLDAP server, not by the clients which use LDAP for authentication. If the system is not intended...
    Rule Low Severity
    Show

  • Configure System to Forward All Mail From Postmaster to The Root Account

    Verify the administrators are notified in the event of an audit processing failure. Check that the "/etc/aliases" file has a defined value for "root". <pre>$ sudo grep "postmaster:\s*root$" /etc/al...
    Rule Medium Severity
    Show

  • The Postfix package is installed

    A mail server is required for sending emails. The postfix package can be installed with the following command: 
    $ apt-get install postfix
    Rule Medium Severity
    Show

  • Enable Postfix Service

    The Postfix mail transfer agent is used for local mail delivery within the system. The default configuration only listens for connections to the default SMTP port (port 25) on the loopback interfac...
    Rule Unknown Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules