CIS SUSE Linux Enterprise 15 Benchmark for Level 1 - Workstation
Rules and Groups employed by this XCCDF Profile
-
Verify nftables Service is Enabled
The nftables service allows for the loading of nftables rulesets during boot, or starting on the nftables service The <code>nftables</code> servic...Rule Medium Severity -
Verify nftables Service is Disabled
nftables is a subsystem of the Linux kernel providing filtering and classification of network packets/datagrams/frames and is the successor to ipta...Rule Medium Severity -
Ensure nftables Default Deny Firewall Policy
Base chain policy is the default verdict that will be applied to packets reaching the end of the chain. There are two policies: accept (Default) an...Rule Medium Severity -
Ensure nftables Rules are Permanent
nftables is a subsystem of the Linux kernel providing filtering and classification of network packets/datagrams/frames. The nftables service reads ...Rule Medium Severity -
Ensure Base Chains Exist for Nftables
Tables in nftables hold chains. Each table only has one address family and only applies to packets of this family. Tables can have one of six famil...Rule Medium Severity -
Set nftables Configuration for Loopback Traffic
Configure the loopback interface to accept traffic. Configure all other interfaces to deny traffic to the loopback network.Rule Medium Severity -
Ensure all outbound and established connections are configured for nftables
Configure the nftables firewall rules for new outbound and established connectionsRule Medium Severity -
Ensure a Table Exists for Nftables
Tables in nftables hold chains. Each table only has one address family and only applies to packets of this family. Tables can have one of six famil...Rule Medium Severity -
File Permissions and Masks
Traditional Unix security relies heavily on file and directory permissions to prevent unauthorized users from reading or modifying files to which t...Group -
Verify Permissions on Important Files and Directories
Permissions for many files on a system must be set restrictively to ensure sensitive information is properly protected. This section discusses impo...Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules