Skip to content
Log In

Guide to the Secure Configuration of Ubuntu 20.04

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Ensure Mail Transfer Agent is not Listening on any non-loopback Address

    Mail Transfer Agents (MTA), such as sendmail and Postfix, are used to listen for incoming mail and transfer the messages to the appropriate user or mail server. If the system is not intended to be ...
    Rule Medium Severity
    Show

  • Configure SMTP For Mail Clients

    This section discusses settings for Postfix in a submission-only e-mail configuration.
    Group
    Show

  • Postfix Network Interfaces

    The setting for inet_interfaces in /etc/postfix/main.cf
    Value
    Show

  • Postfix relayhost

    Specify the host all outbound email should be routed into.
    Value
    Show

  • Postfix Root Mail Alias

    Specify an email address (string) for a root mail alias.
    Value
    Show

  • Configure System to Forward All Mail For The Root Account

    Make sure that mails delivered to root user are forwarded to a monitored email address. Make sure that the address <xccdf-1.2:sub idref="xccdf_org.ssgproject.content_value_var_postfix_root_mail_ali...
    Rule Medium Severity
    Show

  • Disable Postfix Network Listening

    Edit the file <code>/etc/postfix/main.cf</code> to ensure that only the following <code>inet_interfaces</code> line appears: <pre>inet_interfaces = <xccdf-1.2:sub idref="xccdf_org.ssgproject.conten...
    Rule Medium Severity
    Show

  • NFS and RPC

    The Network File System is a popular distributed filesystem for the Unix environment, and is very widely deployed. This section discusses the circumstances under which it is possible to disable NF...
    Group
    Show

  • Disable All NFS Services if Possible

    If there is not a reason for the system to operate as either an NFS client or an NFS server, follow all instructions in this section to disable subsystems required by NFS.
    Group
    Show

  • Disable netfs if Possible

    To determine if any network filesystems handled by netfs are currently mounted on the system execute the following command: <pre>$ mount -t nfs,nfs4,smbfs,cifs,ncpfs</pre> If the command did not re...
    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules