ANSSI-BP-028 (minimal)
Rules and Groups employed by this XCCDF Profile
-
Telnet
The telnet protocol does not provide confidentiality or integrity for information transmitted on the network. This includes authentication information such as passwords. Organizations which use tel...Group -
TFTP Server
TFTP is a lightweight version of the FTP protocol which has traditionally been used to configure networking equipment. However, TFTP provides little security, and modern versions of networking oper...Group -
Ensure Software Patches Installed
If the system has an apt repository available, run the following command to install updates: <pre>$ apt update && apt full-upgrade</pre> <br> <br> NOTE: U.S. Defense system...Rule Medium Severity -
Install pam_pwquality Package
Thelibpam-pwquality
package can be installed with the following command:$ apt-get install libpam-pwquality
Rule Medium Severity -
Limit Password Reuse
Do not allow users to reuse recent passwords. This can be accomplished by using theremember
option for thepam_unix
orpam_pwhistory
PAM modules.Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules