Skip to content
Log In

Guide to the Secure Configuration of UnionTech OS Server 20

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Action for auditd to take when disk errors

    'The setting for disk_error_action in /etc/audit/auditd.conf, if multiple values are allowed write them separated by pipes as in "syslog|single|halt", for remediations the first value will be taken'
    Value
    Show

  • Action for auditd to take when disk is full

    'The setting for disk_full_action in /etc/audit/auditd.conf, if multiple values are allowed write them separated by pipes as in "syslog|single|halt", for remediations the first value will be taken'
    Value
    Show

  • Number of Record to Retain Before Flushing to Disk

    The setting for freq in /etc/audit/auditd.conf
    Value
    Show

  • Maximum audit log file size for auditd

    The setting for max_log_file in /etc/audit/auditd.conf
    Value
    Show

  • Action for auditd to take when log files reach their maximum size

    The setting for max_log_file_action in /etc/audit/auditd.conf. The following options are available: <br>ignore - audit daemon does nothing. <br>syslog - audit daemon will issue a warning to syslog....
    Value
    Show

  • Number of log files for auditd to retain

    The setting for num_logs in /etc/audit/auditd.conf
    Value
    Show

  • Action for auditd to take when disk space just starts to run low

    The setting for space_left_action in /etc/audit/auditd.conf
    Value
    Show

  • Disable SSH Root Login

    The root user should never be allowed to login to a system directly over a network. To disable root login via SSH, add or correct the following line in <code>/etc/ssh/sshd_config</code>: <pre>Pe...
    Rule Medium Severity
    Show

  • Disable SSH root Login with a Password (Insecure)

    To disable password-based root logins over SSH, add or correct the following line in /etc/ssh/sshd_config: 
    PermitRootLogin prohibit-password
    Rule Medium Severity
    Show

  • Disable SSH TCP Forwarding

    The <code>AllowTcpForwarding</code> parameter specifies whether TCP forwarding is permitted. To disable TCP forwarding, add or correct the following line in <code>/etc/ssh/sshd_config</code>: <p...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules