OSPP - Protection Profile for General Purpose Operating Systems
Rules and Groups employed by this XCCDF Profile
-
Hardware RNG Entropy Gatherer Daemon
The rngd feeds random data from hardware device to kernel random device.Group -
Enable the Hardware RNG Entropy Gatherer Service
The Hardware RNG Entropy Gatherer service should be enabled. The <code>rngd</code> service can be enabled with the following command: <pre>$ sudo ...Rule Low Severity -
SSH Server
The SSH protocol is recommended for remote login and remote file transfer. SSH provides confidentiality and integrity for data exchanged between tw...Group -
Configure OpenSSH Server if Necessary
If the system needs to act as an SSH server, then certain changes should be made to the OpenSSH daemon configuration file <code>/etc/ssh/sshd_confi...Group -
Disable Host-Based Authentication
SSH's cryptographic host-based authentication is more secure than <code>.rhosts</code> authentication. However, it is not recommended that hosts un...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules