Skip to content

CIS SUSE Linux Enterprise 15 Benchmark for Level 2 - Server

Rules and Groups employed by this XCCDF Profile

  • Record Attempts to Alter Logon and Logout Events - faillog

    The audit system already collects login information for all users and root. If the <code>auditd</code> daemon is configured to use the <code>augenr...
    Rule Medium Severity
  • Record Attempts to Alter Logon and Logout Events - lastlog

    The audit system already collects login information for all users and root. If the <code>auditd</code> daemon is configured to use the <code>augenr...
    Rule Medium Severity
  • Record Attempts to Alter Logon and Logout Events - tallylog

    The audit system already collects login information for all users and root. If the <code>auditd</code> daemon is configured to use the <code>augenr...
    Rule Medium Severity
  • Record Information on the Use of Privileged Commands

    At a minimum, the audit system should collect the execution of privileged commands for all users and root.
    Group
  • Ensure auditd Collects Information on the Use of Privileged Commands - insmod

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Ensure auditd Collects Information on the Use of Privileged Commands - modprobe

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Ensure auditd Collects Information on the Use of Privileged Commands - rmmod

    At a minimum, the audit system should collect the execution of privileged commands for all users and root. If the <code>auditd</code> daemon is con...
    Rule Medium Severity
  • Records Events that Modify Date and Time Information

    Arbitrary changes to the system time can be used to obfuscate nefarious activities in log files, as well as to confuse network services that are hi...
    Group
  • Record attempts to alter time through adjtimex

    If the <code>auditd</code> daemon is configured to use the <code>augenrules</code> program to read audit rules during daemon startup (the default),...
    Rule Medium Severity
  • Record attempts to alter time through settimeofday

    If the <code>auditd</code> daemon is configured to use the <code>augenrules</code> program to read audit rules during daemon startup (the default),...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules