Skip to content
Log In

Australian Cyber Security Centre (ACSC) Essential Eight

Rules and Groups employed by this XCCDF Profile

  • Set type of computer node name logging in audit logs

    To configure Audit daemon to use a unique identifier as computer node name in the audit events, set <code>name_format</code> to <code><xccdf-1.2:sub idref="xccdf_org.ssgproject.content_value_var_au...
    Rule Medium Severity
    Show

  • Write Audit Logs to the Disk

    To configure Audit daemon to write Audit logs to the disk, set write_logs to yes in /etc/audit/auditd.conf. This is the default setting.
    Rule Medium Severity
    Show

  • Configure Syslog

    The syslog service has been the default Unix logging mechanism for many years. It has a number of downsides, including inconsistent log format, lack of authentication for received messages, and lac...
    Group
    Show

  • Ensure rsyslog is Installed

    Rsyslog is installed by default. The rsyslog package can be installed with the following command: 
     $ sudo yum install rsyslog
    Rule Medium Severity
    Show

  • Enable rsyslog Service

    The <code>rsyslog</code> service provides syslog-style logging by default on Red Hat Enterprise Linux 7. The <code>rsyslog</code> service can be enabled with the following command: <pre>$ sudo sys...
    Rule Medium Severity
    Show

  • Network Configuration and Firewalls

    Most systems must be connected to a network of some sort, and this brings with it the substantial risk of network attack. This section discusses the security impact of decisions about networking wh...
    Group
    Show

  • Ensure System is Not Acting as a Network Sniffer

    The system should not be acting as a network sniffer, which can capture all traffic on the network to which it is connected. Run the following to determine if any interface is running in promiscuou...
    Rule Medium Severity
    Show

  • firewalld

    The dynamic firewall daemon <code>firewalld</code> provides a dynamically managed firewall with support for network “zones” to assign a level of trust to a network and its associated connections an...
    Group
    Show

  • Inspect and Activate Default firewalld Rules

    Firewalls can be used to separate networks into different zones based on the level of trust the user has decided to place on the devices and traffic within that network. <code>NetworkManager</code>...
    Group
    Show

  • Install firewalld Package

    The firewalld package can be installed with the following command: 
    $ sudo yum install firewalld
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules