Skip to content
ATO Pathways
  Log In

Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide (STIG) V1R9

Rules and Groups employed by this XCCDF Profile

  • Ensure remote access methods are monitored in Rsyslog

    Logging of remote access methods must be implemented to help identify cyber attacks and ensure ongoing compliance with remote access policies are b...
    Rule Medium Severity
    Show

  • Network Configuration and Firewalls

    Most systems must be connected to a network of some sort, and this brings with it the substantial risk of network attack. This section discusses th...
    Group
    Show

  • Kernel Parameters Which Affect Networking

    The <code>sysctl</code> utility is used to set parameters which affect the operation of the Linux kernel. Kernel parameters which affect networking...
    Group
    Show

  • Network Related Kernel Runtime Parameters for Hosts and Routers

    Certain kernel parameters should be set for systems which are acting as either hosts or routers to improve the system's ability defend against cert...
    Group
    Show

  • Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces

    To set the runtime status of the <code>net.ipv4.tcp_syncookies</code> kernel parameter, run the following command: <pre>$ sudo sysctl -w net.ipv4.t...
    Rule Medium Severity
    Show

  • Uncomplicated Firewall (ufw)

    The Linux kernel in Ubuntu provides a packet filtering system called netfilter, and the traditional interface for manipulating netfilter are the ip...
    Group
    Show

  • Install ufw Package

    The ufw package can be installed with the following command: 
    $ apt-get install ufw
    Rule Medium Severity
    Show

  • Verify ufw Enabled

    The ufw service can be enabled with the following command: 
    $ sudo systemctl enable ufw.service
    Rule Medium Severity
    Show

  • Only Allow Authorized Network Services in ufw

    Check the firewall configuration for any unnecessary or prohibited functions, ports, protocols, and/or services by running the following command: <...
    Rule Medium Severity
    Show

  • ufw Must rate-limit network interfaces

    The operating system must configure the uncomplicated firewall to rate-limit impacted network interfaces.
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules