I - Mission Critical Classified
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
The Photon operating system must configure sshd to disable X11 forwarding.
<VulnDiscussion>X11 is an older, insecure graphics forwarding protocol. It is not used by Photon and should be disabled as a general best pra...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
The Photon operating system must configure sshd to perform strict mode checking of home directory configuration files.
<VulnDiscussion>If other users have access to modify user-specific Secure Shell (SSH) configuration files, they may be able to log on to the ...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
The Photon operating system must configure sshd to disallow Kerberos authentication.
<VulnDiscussion>If Kerberos is enabled through Secure Shell (SSH), sshd provides a means of access to the system's Kerberos implementation. V...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
The Photon operating system must configure sshd to disallow authentication with an empty password.
<VulnDiscussion>Blank passwords are one of the first things an attacker checks for when probing a system. Even is the user somehow has a blan...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
The Photon operating system must configure sshd to disallow compression of the encrypted session stream.
<VulnDiscussion>If compression is allowed in a Secure Shell (SSH) connection prior to authentication, vulnerabilities in the compression soft...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.