Solaris 11 X86 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-OS-000480
<GroupDescription></GroupDescription>Group -
X11 forwarding for SSH must be disabled.
<VulnDiscussion>As enabling X11 Forwarding on the host can permit a malicious user to secretly open another X11 connection to another remote ...Rule Medium Severity -
SRG-OS-000480
<GroupDescription></GroupDescription>Group -
Consecutive login attempts for SSH must be limited to 3.
<VulnDiscussion>Setting the authentication login limit to a low value will disconnect the attacker and force a reconnect, which severely limi...Rule Low Severity -
SRG-OS-000480
<GroupDescription></GroupDescription>Group -
The rhost-based authentication for SSH must be disabled.
<VulnDiscussion>Setting this parameter forces users to enter a password when authenticating with SSH.</VulnDiscussion><FalsePositive...Rule Medium Severity -
SRG-OS-000480
<GroupDescription></GroupDescription>Group -
Direct root account login must not be permitted for SSH access.
<VulnDiscussion>The system should not allow users to log in as the root user directly, as audited actions would be non-attributable to a spec...Rule Medium Severity -
SRG-OS-000480
<GroupDescription></GroupDescription>Group -
Host-based authentication for login-based services must be disabled.
<VulnDiscussion>The use of .rhosts authentication is an insecure protocol and can be replaced with public-key authentication using Secure She...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules