CIS SUSE Linux Enterprise 12 Benchmark for Level 1 - Workstation
Rules and Groups employed by this XCCDF Profile
-
Verify All Account Password Hashes are Shadowed
If any password hashes are stored in <code>/etc/passwd</code> (in the second field, instead of an <code>x</code> or <code>*</code>), the cause of t...Rule Medium Severity -
Verify All Account Password Hashes are Shadowed with SHA512
Verify the operating system requires the shadow password suite configuration be set to encrypt interactive user passwords using a strong cryptograp...Rule Medium Severity -
Ensure all users last password change date is in the past
All users should have a password change date in the past.Rule Medium Severity -
All GIDs referenced in /etc/passwd must be defined in /etc/group
Add a group to the system for each GID referenced without a corresponding group.Rule Low Severity -
Verify No .forward Files Exist
The.forward
file specifies an email address to forward the user's mail to.Rule Medium Severity -
Ensure there are no legacy + NIS entries in /etc/passwd
The <code>+</code> character in <code>/etc/passwd</code> file marks a place where entries from a network information service (NIS) should be direct...Rule Medium Severity -
Ensure there are no legacy + NIS entries in /etc/shadow
The <code>+</code> character in <code>/etc/shadow</code> file marks a place where entries from a network information service (NIS) should be direct...Rule Medium Severity -
Verify No netrc Files Exist
The <code>.netrc</code> files contain login information used to auto-login into FTP servers and reside in the user's home directory. These files ma...Rule Medium Severity -
Restrict Root Logins
Direct root logins should be allowed only for emergency use. In normal situations, the administrator should access the system via a unique unprivil...Group -
Verify Only Root Has UID 0
If any account other than root has a UID of 0, this misconfiguration should be investigated and the accounts other than root should be removed or h...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules