[Forgot Password]
Login  Register Subscribe

24436

 
 

131815

 
 

115228

 
 

909

 
 

90122

 
 

140

Paid content will be excluded from the download.


Download | Alert*


CCE-91970-4
Set Permissions on /etc/ssh/sshd_config The /etc/ssh/sshd_config file contains configuration specifications for sshd. The command below sets the owner and group of the file to root.

CCE-91944-9
Disable IPv6 Router Advertisements This setting disables the systems ability to accept router advertisements

CCE-91988-6
Verify User/Group Ownership on /etc/group The /etc/group file contains a list of all the valid groups defined in the system. The command below allows read/write access for root and read access for everyone else.

CCE-91987-8
Verify User/Group Ownership on /etc/shadow The /etc/shadow file contains the one-way cipher text passwords for each user defined in the /etc/passwd file. The command below sets the user and group ownership of the file to root.

CCE-91986-0
Verify User/Group Ownership on /etc/passwd The /etc/passwd file contains a list of all the valid userIDs defined in the system, but not the passwords. The command below sets the owner and group of the file to root.

CCE-91984-5
Verify Permissions on /etc/shadow The /etc/shadow file is used to store the information about user accounts that is critical to the security of those accounts, such as the hashed password and other security information.

CCE-91966-2
Set Password Creation Requirement Parameters Using pam_cracklib The pam_cracklib module checks the strength of passwords. It performs checks such as making sure a password is not a dictionary word, it is a certain length, contains a mix of characters (e.g. alphabet, numeric, other) and more. The fo ...

CCE-91967-0
Set Lockout for Failed Password Attempts Lock out users after n unsuccessful consecutive login attempts. The first sets of changes are made to the PAM configuration file /etc/pam.d/login. The second set of changes are applied to the program specific PAM configuration file. The second set of changes ...

CCE-92018-1
Set SSH Protocol to 2 SSH supports two different and incompatible protocols: SSH1 and SSH2. SSH1 was the original protocol and was subject to security issues. SSH2 is more advanced and secure.

CCE-91977-9
Set Password Expiration Days The PASS_MAX_DAYS parameter in /etc/login.defs allows an administrator to force passwords to expire once they reach a defined age. It is recommended that the PASS_MAX_DAYS parameter be set to less than or equal to 90 days.

CCE-91978-7
Set Password Change Minimum Number of Days The PASS_MIN_DAYS parameter in /etc/login.defs allows an administrator to prevent users from changing their password until a minimum number of days have passed since the last time the user changed their password. It is recommended that PASS_MIN_DAYS parame ...

CCE-91973-8
Disable SSH Root Login The PermitRootLogin parameter specifies if the root user can log in using ssh(1). The default is no.

CPE    1
cpe:/o:ubuntu:ubuntu_linux:16.04
*XCCDF
xccdf_org.secpod_benchmark_SecPod_Ubuntu_16.04
OVAL    12
oval:org.secpod.oval:def:46228
oval:org.secpod.oval:def:46205
oval:org.secpod.oval:def:46227
oval:org.secpod.oval:def:46249
...

© SecPod Technologies