Skip to content

Security Profile of Oracle Linux 7 for SAP

Rules and Groups employed by this XCCDF Profile

  • Services

    The best protection against vulnerable software is running less software. This section describes how to review the software which Oracle Linux 7 in...
    Group
  • Obsolete Services

    This section discusses a number of network-visible services which have historically caused problems for system security, and for which disabling or...
    Group
  • NIS

    The Network Information Service (NIS), also known as 'Yellow Pages' (YP), and its successor NIS+ have been made obsolete by Kerberos, LDAP, and oth...
    Group
  • Remove NIS Client

    The Network Information Service (NIS), formerly known as Yellow Pages, is a client-server directory service protocol used to distribute system conf...
    Rule Unknown Severity
  • Uninstall ypserv Package

    The ypserv package can be removed with the following command:
    $ sudo yum erase ypserv
    Rule High Severity
  • Rlogin, Rsh, and Rexec

    The Berkeley r-commands are legacy services which allow cleartext remote access and have an insecure trust model.
    Group
  • Disable rlogin Service

    The <code>rlogin</code> service, which is available with the <code>rsh-server</code> package and runs as a service through xinetd or separately as ...
    Rule High Severity
  • Disable rsh Service

    The <code>rsh</code> service, which is available with the <code>rsh-server</code> package and runs as a service through xinetd or separately as a s...
    Rule High Severity
  • Remove Rsh Trust Files

    The files <code>/etc/hosts.equiv</code> and <code>~/.rhosts</code> (in each user's home directory) list remote hosts and users that are trusted by ...
    Rule High Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules