Guide to the Secure Configuration of openEuler 2203
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Ensure remote access methods are monitored in Rsyslog
Logging of remote access methods must be implemented to help identify cyber attacks and ensure ongoing compliance with remote access policies are b...Rule Medium Severity -
Configure rsyslogd to Accept Remote Messages If Acting as a Log Server
By default, <code>rsyslog</code> does not listen over the network for log messages. If needed, modules can be enabled to allow the rsyslog daemon t...Group -
Enable rsyslog to Accept Messages via TCP, if Acting As Log Server
The <code>rsyslog</code> daemon should not accept remote messages unless the system acts as a log server. If the system needs to act as a central l...Rule Unknown Severity -
Verify iptables Enabled
Theiptablesservice can be enabled with the following command:$ sudo systemctl enable iptables.service
Rule Medium Severity -
Set configuration for IPv6 loopback traffic
Configure the loopback interface to accept traffic. Configure all other interfaces to deny traffic to the loopback network.Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules