DISA STIG for SUSE Linux Enterprise 12
Rules and Groups employed by this XCCDF Profile
-
Configure Time Service Maxpoll Interval
The <code>maxpoll</code> should be configured to <xccdf-1.2:sub idref="xccdf_org.ssgproject.content_value_var_time_service_set_maxpoll" use="legacy...Rule Medium Severity -
Obsolete Services
This section discusses a number of network-visible services which have historically caused problems for system security, and for which disabling or...Group -
Rlogin, Rsh, and Rexec
The Berkeley r-commands are legacy services which allow cleartext remote access and have an insecure trust model.Group -
Remove Host-Based Authentication Files
The <code>shosts.equiv</code> file lists remote hosts and users that are trusted by the local system. To remove these files, run the following comm...Rule High Severity -
Remove User Host-Based Authentication Files
The <code>~/.shosts</code> (in each user's home directory) files list remote hosts and users that are trusted by the local system. To remove these ...Rule High Severity -
Telnet
The telnet protocol does not provide confidentiality or integrity for information transmitted on the network. This includes authentication informat...Group -
Uninstall telnet-server Package
Thetelnet-serverpackage can be removed with the following command:$ sudo zypper remove telnet-server
Rule High Severity -
SSH Server
The SSH protocol is recommended for remote login and remote file transfer. SSH provides confidentiality and integrity for data exchanged between tw...Group -
Enable the OpenSSH Service
The SSH server service, sshd, is commonly needed. The <code>sshd</code> service can be enabled with the following command: <pre>$ sudo systemctl e...Rule Medium Severity -
Verify Permissions on SSH Server Private *_key Key Files
SSH server private keys - files that match the <code>/etc/ssh/*_key</code> glob, have to have restricted permissions. If those files are owned by t...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules