Guide to the Secure Configuration of OpenEmbedded
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Ensure the audit Subsystem is Installed
The audit package should be installed.Rule Medium Severity -
Configure the CUPS Service if Necessary
CUPS provides the ability to easily share local printers with other systems over the network. It does this by allowing systems to share lists of av...Group -
Proxy Server
A proxy server is a very desirable target for a potential adversary because much (or all) sensitive data for a given infrastructure may flow throug...Group -
Disable Squid if Possible
If Squid was installed and activated, but the system does not need to act as a proxy server, then it should be disabled and removed.Group -
Disable Squid
Thesquidservice can be disabled with the following command:$ sudo systemctl mask --now squid.service
Rule Unknown Severity -
Remote Authentication Dial-In User Service (RADIUS)
Remote Authentication Dial-In User Service (RADIUS) is a networking protocol, operating on port 1812 that provides centralized Authentication, Auth...Group -
Hardware RNG Entropy Gatherer Daemon
The rngd feeds random data from hardware device to kernel random device.Group -
Network Routing
A router is a very desirable target for a potential adversary because they fulfill a variety of infrastructure networking roles such as access to ...Group -
Disable Quagga if Possible
If Quagga was installed and activated, but the system does not need to act as a router, then it should be disabled and removed.Group -
Samba(SMB) Microsoft Windows File Sharing Server
When properly configured, the Samba service allows Linux systems to provide file and print sharing to Microsoft Windows systems. There are two soft...Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules