Skip to content

DRAFT - Australian Cyber Security Centre (ACSC) Essential Eight

Rules and Groups employed by this XCCDF Profile

  • Account and Access Control

    In traditional Unix security, if an attacker gains shell access to a certain login account, they can perform any action or access any file to which...
    Group
  • Protect Accounts by Restricting Password-Based Login

    Conventionally, Unix shell accounts are accessed by providing a username and password to a login program, which tests these values for correctness ...
    Group
  • Verify Proper Storage and Existence of Password Hashes

    By default, password hashes for local accounts are stored in the second field (colon-separated) in <code>/etc/shadow</code>. This file should be re...
    Group
  • Prevent Login to Accounts With Empty Password

    If an account is configured for password authentication but does not have an assigned password, it may be possible to log into the account without ...
    Rule High Severity
  • Restrict Root Logins

    Direct root logins should be allowed only for emergency use. In normal situations, the administrator should access the system via a unique unprivil...
    Group
  • Verify Only Root Has UID 0

    If any account other than root has a UID of 0, this misconfiguration should be investigated and the accounts other than root should be removed or h...
    Rule High Severity
  • System Accounting with auditd

    The audit service provides substantial capabilities for recording system activities. By default, the service audits about SELinux AVC denials and c...
    Group
  • Enable auditd Service

    The <code>auditd</code> service is an essential userspace component of the Linux Auditing System, as it is responsible for writing audit records to...
    Rule Medium Severity
  • Configure auditd Rules for Comprehensive Auditing

    The <code>auditd</code> program can perform comprehensive monitoring of system activity. This section describes recommended configuration settings ...
    Group
  • Record Events that Modify the System's Network Environment

    If the <code>auditd</code> daemon is configured to use the <code>augenrules</code> program to read audit rules during daemon startup (the default),...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules