Skip to content
ATO Pathways
  Log In

DRAFT - Australian Cyber Security Centre (ACSC) Essential Eight

Rules and Groups employed by this XCCDF Profile

  • Enable authselect

    Configure user authentication setup to use the <code>authselect</code> tool. If authselect profile is selected, the rule will enable the <xccdf-1.2...
    Rule Medium Severity
    Show

  • Protect Accounts by Restricting Password-Based Login

    Conventionally, Unix shell accounts are accessed by providing a username and password to a login program, which tests these values for correctness ...
    Group
    Show

  • Verify Proper Storage and Existence of Password Hashes

    By default, password hashes for local accounts are stored in the second field (colon-separated) in <code>/etc/shadow</code>. This file should be re...
    Group
    Show

  • Prevent Login to Accounts With Empty Password

    If an account is configured for password authentication but does not have an assigned password, it may be possible to log into the account without ...
    Rule High Severity
    Show

  • Restrict Root Logins

    Direct root logins should be allowed only for emergency use. In normal situations, the administrator should access the system via a unique unprivil...
    Group
    Show

  • Verify Only Root Has UID 0

    If any account other than root has a UID of 0, this misconfiguration should be investigated and the accounts other than root should be removed or h...
    Rule High Severity
    Show

  • Configure Syslog

    The syslog service has been the default Unix logging mechanism for many years. It has a number of downsides, including inconsistent log format, lac...
    Group
    Show

  • Ensure rsyslog is Installed

    Rsyslog is installed by default. The <code>rsyslog</code> package can be installed with the following command: <pre> $ sudo dnf install rsyslog</pr...
    Rule Medium Severity
    Show

  • Enable rsyslog Service

    The <code>rsyslog</code> service provides syslog-style logging by default on Red Hat Enterprise Linux 10. The <code>rsyslog</code> service can be ...
    Rule Medium Severity
    Show

  • Network Configuration and Firewalls

    Most systems must be connected to a network of some sort, and this brings with it the substantial risk of network attack. This section discusses th...
    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules