Guide to the Secure Configuration of Debian 12
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Software Integrity Checking
Both the AIDE (Advanced Intrusion Detection Environment) software and the RPM package management system provide mechanisms for verifying the integrity of installed software. AIDE uses snapshots of ...Group -
Configure Systemd Timer Execution of AIDE
At a minimum, AIDE should be configured to run a weekly scan. To implement a systemd service and a timer unit to run the service periodically: For example, if a systemd timer is expected to be star...Rule Medium Severity -
Configure Periodic Execution of AIDE
At a minimum, AIDE should be configured to run a weekly scan. To implement a daily execution of AIDE at 4:05am using cron, add the following line to <code>/etc/crontab</code>: <pre>05 4 * * * root ...Rule Medium Severity -
Configure Notification of Post-AIDE Scan Details
AIDE should notify appropriate personnel of the details of a scan after the scan has been run. If AIDE has already been configured for periodic execution in <code>/etc/crontab</code>, append the fo...Rule Medium Severity -
Configure AIDE to Verify Access Control Lists (ACLs)
By default, the <code>acl</code> option is added to the <code>FIPSR</code> ruleset in AIDE. If using a custom ruleset or the <code>acl</code> option is missing, add <code>acl</code> to the appropri...Rule Low Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules