Guide to the Secure Configuration of Ubuntu 22.04
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Log and Drop Packets with Suspicious Source Addresses
Packets with non-routable source addresses should be rejected, as they may indicate spoofing. Because the modified policy will reject non-matching ...Group -
squid_use_tproxy SELinux Boolean
default - Default SELinux boolean setting.
on - SELinux boolean is enabled.
off - SELinux boolean is disabled.Value -
Disable IPv6 Networking Support Automatic Loading
To prevent the IPv6 kernel module (<code>ipv6</code>) from binding to the IPv6 networking stack, add the following line to <code>/etc/modprobe.d/di...Rule Medium Severity -
Disable IPv6 Addressing on All IPv6 Interfaces
To disable support for (<code>ipv6</code>) addressing on all interface add the following line to <code>/etc/sysctl.d/ipv6.conf</code> (or another f...Rule Medium Severity -
Disable IPv6 Addressing on IPv6 Interfaces by Default
To disable support for (<code>ipv6</code>) addressing on interfaces by default add the following line to <code>/etc/sysctl.d/ipv6.conf</code> (or a...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules