Skip to content

Standard System Security Profile for Anolis OS 23

Rules and Groups employed by this XCCDF Profile

  • Disable ypserv Service

    The <code>ypserv</code> service, which allows the system to act as a client in a NIS or NIS+ domain, should be disabled. The <code>ypserv</code> s...
    Rule Medium Severity
  • Rlogin, Rsh, and Rexec

    The Berkeley r-commands are legacy services which allow cleartext remote access and have an insecure trust model.
    Group
  • Remove Rsh Trust Files

    The files <code>/etc/hosts.equiv</code> and <code>~/.rhosts</code> (in each user's home directory) list remote hosts and users that are trusted by ...
    Rule High Severity
  • Print Support

    The Common Unix Printing System (CUPS) service provides both local and network printing support. A system running the CUPS service can accept print...
    Group
  • Disable the CUPS Service

    The cups service can be disabled with the following command:
    $ sudo systemctl mask --now cups.service
    Rule Unknown Severity
  • Proxy Server

    A proxy server is a very desirable target for a potential adversary because much (or all) sensitive data for a given infrastructure may flow throug...
    Group
  • Disable Squid if Possible

    If Squid was installed and activated, but the system does not need to act as a proxy server, then it should be disabled and removed.
    Group
  • Disable Squid

    The squid service can be disabled with the following command:
    $ sudo systemctl mask --now squid.service
    Rule Unknown Severity
  • Samba(SMB) Microsoft Windows File Sharing Server

    When properly configured, the Samba service allows Linux systems to provide file and print sharing to Microsoft Windows systems. There are two soft...
    Group
  • Disable Samba if Possible

    Even after the Samba server package has been installed, it will remain disabled. Do not enable this service unless it is absolutely necessary to pr...
    Group

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules