Skip to content

Guide to the Secure Configuration of Ubuntu 22.04

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Ensure auditd Collects Information on the Use of Privileged Commands - insmod

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Ensure auditd Collects Information on the Use of Privileged Commands - modprobe

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Ensure auditd Collects Information on the Use of Privileged Commands - mount

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Ensure auditd Collects Information on the Use of Privileged Commands - newgidmap

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Ensure auditd Collects Information on the Use of Privileged Commands - newgrp

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Ensure auditd Collects Information on the Use of Privileged Commands - newuidmap

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Ensure auditd Collects Information on the Use of Privileged Commands - pam_timestamp_check

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Ensure auditd Collects Information on the Use of Privileged Commands - passwd

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Ensure auditd Collects Information on the Use of Privileged Commands - postdrop

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Ensure auditd Collects Information on the Use of Privileged Commands - postqueue

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Ensure auditd Collects Information on the Use of Privileged Commands - rmmod

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Record Any Attempts to Run ssh-agent

    At a minimum, the audit system should collect any execution attempt of the <code>ssh-agent</code> command for all users and root. If the <code>audi...
    Rule Medium Severity
  • Ensure auditd Collects Information on the Use of Privileged Commands - su

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Ensure auditd Collects Information on the Use of Privileged Commands - sudo

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Ensure auditd Collects Information on the Use of Privileged Commands - sudoedit

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Ensure auditd Collects Information on the Use of Privileged Commands - umount

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Action for audispd to take when network fails

    The setting for network_failure_action in /etc/audisp/audisp-remote.conf
    Value
  • Ensure auditd Collects Information on the Use of Privileged Commands - unix_chkpwd

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Ensure auditd Collects Information on the Use of Privileged Commands - unix_update

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Ensure auditd Collects Information on the Use of Privileged Commands - usermod

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules