[Forgot Password]
Login  Register Subscribe

23631

 
 

121491

 
 

98503

 
 

909

 
 

79321

 
 

109

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:33950
The accounts should be configured to expire automatically following Inactivity accounts.

oval:org.secpod.oval:def:33824
The /tmp directory is a world-writable directory used for temporary file storage. Verify that it has its own partition or logical volume.

oval:org.secpod.oval:def:33945
The minimum password age policy should be set appropriately.

oval:org.secpod.oval:def:33944
The maximum password age policy should meet minimum requirements.

oval:org.secpod.oval:def:33826
The nosuid mount option should be set for temporary storage partitions such as /tmp. The suid/sgid permissions should not be required in these world-writable directories.

oval:org.secpod.oval:def:33947
The root account is the only system account that should have a login shell.

oval:org.secpod.oval:def:33825
The nodev mount option specifies that the filesystem cannot contain special devices.

oval:org.secpod.oval:def:33946
The Set Password Warning Age should be set appropriately.

oval:org.secpod.oval:def:33941
The Banner parameter specifies a file whose contents must be sent to the remote user before authentication is permitted. By default, no banner is displayed.

oval:org.secpod.oval:def:33940
There are several options available to limit which users and group can access the system via SSH. It is recommended that at least one of the following options be leveraged: AllowUsers The AllowUsers variable gives the system administrator the option of allowing specific users to ssh into the syste ...

oval:org.secpod.oval:def:33943
The su command allows a user to run a command or shell as another user. The program has been superseded by sudo, which allows for more granular control over privileged access. Normally, the su command can be executed by any user. By uncommenting the pam_wheel.so statement in /etc/pam.d/su, the su co ...

oval:org.secpod.oval:def:33942
The file /etc/securetty contains a list of valid terminals that may be logged in directly as root.

oval:org.secpod.oval:def:33828
Ensuring that /var is mounted on its own partition enables the setting of more restrictive mount options, which is used as temporary storage by many program, particularly system services such as daemons. It is not uncommon for the /var directory to contain world-writable directories, installed by ot ...

oval:org.secpod.oval:def:33949
The default umask for all users specified in /etc/login.defs

oval:org.secpod.oval:def:33827
It can be dangerous to allow the execution of binaries from world-writable temporary storage directories such as /tmp. The noexec mount option prevents binaries from being executed out of /tmp.

oval:org.secpod.oval:def:33948
The usermod command can be used to specify which group the root user belongs to. This affects permissions of files that are created by the root user.

oval:org.secpod.oval:def:33829
The /var/tmp directory should be bind mounted to /tmp in order to consolidate temporary storage into one location protected by the same techniques as /tmp.

oval:org.secpod.oval:def:33934
SSH's cryptographic host-based authentication is more secure than .rhosts authentication. However, it is not recommended that hosts unilaterally trust one another, even within an organization.

oval:org.secpod.oval:def:33933
Emulation of the rsh command through the ssh server should be disabled (and dependencies are met)

oval:org.secpod.oval:def:33936
Remote connections (SSH) from accounts with empty passwords should be disabled (and dependencies are met).

oval:org.secpod.oval:def:33935
Root login via SSH should be disabled (and dependencies are met)

oval:org.secpod.oval:def:33930
File permission for '/etc/ssh/sshd_config' is set to appropriate values.

oval:org.secpod.oval:def:33932
The MaxAuthTries parameter specifies the maximum number of authentication attempts permitted per connection. When the login failure count reaches half the number, error messages will be written to the syslog file detailing the login failure.

oval:org.secpod.oval:def:33931
The X11Forwarding parameter provides the ability to tunnel X11 traffic through the connection to enable remote graphic connections.

oval:org.secpod.oval:def:33938
This variable limits the types of ciphers that SSH can use during communication.

oval:org.secpod.oval:def:33937
The PermitUserEnvironment option allows users to present environment options to the ssh daemon.

oval:org.secpod.oval:def:33939
The two options ClientAliveInterval and ClientAliveCountMax control the timeout of ssh sessions. When the ClientAliveInterval variable is set, ssh sessions that have no activity for the specified length of time are terminated. When the ClientAliveCountMax variable is set, sshd will send client alive ...

oval:org.secpod.oval:def:33923
Access permission for '/etc/cron.d' is set to appropriate values.

oval:org.secpod.oval:def:33922
Access permission for '/etc/cron.monthly' is set to appropriate values.

oval:org.secpod.oval:def:33925
The pam_cracklib module checks the strength of passwords. It performs checks such as making sure a password is not a dictionary word, it is a certain length, contains a mix of characters (e.g. alphabet, numeric, other) and more. The following are definitions of the pam_cracklib.so options. * retr ...

oval:org.secpod.oval:def:33924
Configure /etc/cron.allow and /etc/at.allow to allow specific users to use these services. If /etc/cron.allow or /etc/at.allow do not exist, then /etc/at.deny and /etc/cron.deny are checked. Any user not specifically defined in those files is allowed to use at and cron. By removing the files, only u ...

oval:org.secpod.oval:def:33921
The /etc/cron.weekly directory contains system cron jobs that need to run on a weekly basis. The files in this directory cannot be manipulated by the crontab command, but are instead edited by system administrators using a text editor. The commands below restrict read/write and search access to user ...

oval:org.secpod.oval:def:33920
The /etc/cron.daily directory contains system cron jobs that need to run on a daily basis. The files in this directory cannot be manipulated by the crontab command, but are instead edited by system administrators using a text editor. The commands below restrict read/write and search access to user a ...

oval:org.secpod.oval:def:33927
The passwords to remember should be set correctly.

oval:org.secpod.oval:def:33926
The Set Lockout Time For Failed Password Attempts should be set correctly.

oval:org.secpod.oval:def:33929
The INFO parameter specifices that record login and logout activity will be logged.

oval:org.secpod.oval:def:33928
Only SSH protocol version 2 connections should be permitted.

oval:org.secpod.oval:def:39108
Unix-based systems have typically displayed information about the OS release and patch level upon logging in to the system. This information can be useful to developers who are developing software for a particular OS platform. If mingetty(8) supports the following options, they display operating sys ...

oval:org.secpod.oval:def:33912
Syslog logs should be sent to a remote loghost

oval:org.secpod.oval:def:33911
Once the rsyslog package is installed it needs to be activated. If the rsyslog service is not activated the system will not have a syslog service running

oval:org.secpod.oval:def:33914
The DPKG package 'aide' should be installed.

oval:org.secpod.oval:def:33910
The DPKG package 'rsyslog' should be installed.

oval:org.secpod.oval:def:33919
This directory contains system cron jobs that need to run on an hourly basis. The files in this directory cannot be manipulated by the crontab command, but are instead edited by system administrators using a text editor. The commands below restrict read/write and search access to user and group root ...

oval:org.secpod.oval:def:33916
The logrotate (syslog rotater) service should be enabled.

oval:org.secpod.oval:def:33915
Implement periodic file checking, in compliance with site policy.

oval:org.secpod.oval:def:33918
The /etc/crontab file is used by cron to control its own jobs. The commands in this item make sure that root is the user and group owner of the file and that only the owner can access the file.

oval:org.secpod.oval:def:33917
The cron daemon is used to execute batch jobs on the system.

oval:org.secpod.oval:def:33871
The Common Unix Print System (CUPS) provides the ability to print to both local and network printers. A system running CUPS can also accept print jobs from remote systems and print them to local printers. It also provides a web based remote administration capability.

oval:org.secpod.oval:def:33870
Avahi is a free zeroconf implementation, including a system for multicast DNS/DNS-SD service discovery. Avahi allows programs to publish and discover services and hosts running on a local network with no specific configuration. For example, a user can plug a computer into a network and Avahi automat ...

oval:org.secpod.oval:def:33873
The Network Time Protocol (NTP) is designed to synchronize system clocks across a variety of systems and use a source that is highly accurate. More information on NTP can be found at http://www.ntp.org. NTP can be configured to be a client and/or a server.

oval:org.secpod.oval:def:33872
The Dynamic Host Configuration Protocol (DHCP) is a service that allows machines to be dynamically assigned IP addresses.

oval:org.secpod.oval:def:33868
time is a network service that responds with the server's current date and time as a 32 bit integer. This service is intended for debugging and testing purposes. It is recommended that this service be disabled.

oval:org.secpod.oval:def:33867
discard is a network service that responds to clients with the data sent to it by the client. This service is intended for debugging and testing purposes. It is recommended that this service be disabled.

oval:org.secpod.oval:def:33869
The DPKG package 'xserver-xorg-core' should be removed.

oval:org.secpod.oval:def:33864
chargen is a network service that responds with 0 to 512 ASCII characters for each connection it receives. This service is intended for debugging and testing purposes. It is recommended that this service be disabled.

oval:org.secpod.oval:def:33863
The eXtended InterNET Daemon ( xinetd ) is an open source super daemon that replaced the original inetd daemon. The xinetd daemon listens for well known services and dispatches the appropriate daemon to properly respond to service requests.

oval:org.secpod.oval:def:33866
echo is a network service that responds to clients with the data sent to it by the client. This service is intended for debugging and testing purposes. It is recommended that this service be disabled.

oval:org.secpod.oval:def:33865
daytime is a network service that responds with the server's current date and time. This service is intended for debugging and testing purposes. It is recommended that this service be disabled.

oval:org.secpod.oval:def:33860
The talk software makes it possible for users to send and receive messages across systems through a terminal session.

oval:org.secpod.oval:def:33862
Trivial File Transfer Protocol (TFTP) is a simple file transfer protocol, typically used to automatically transfer configuration or boot machines from a boot server. The packages tftp and atftp are both used to define and support a TFTP server.

oval:org.secpod.oval:def:33861
The telnet service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:33857
The Berkeley rsh-server (rsh, rlogin, rcp) package contains legacy services that exchange credentials in clear-text.

oval:org.secpod.oval:def:33856
The Network Information Service (NIS), formerly known as Yellow Pages, is a client-server directory service protocol used to distribute system configuration files.

oval:org.secpod.oval:def:33859
The talk software makes it possible for users to send and receive messages across systems through a terminal session. The talk client (allows initiate of talk sessions) is installed by default.

oval:org.secpod.oval:def:33858
The rsh package contains the client commands for the rsh services.

oval:org.secpod.oval:def:33853
Recent processors in the x86 family support the ability to prevent code execution on a per memory page basis. Generically and on AMD processors, this ability is called No Execute (NX), while on Intel processors it is called Execute Disable (XD). This ability can help prevent exploitation of buffer o ...

oval:org.secpod.oval:def:33852
Core dumps for all users should be disabled

oval:org.secpod.oval:def:33855
The prelinking feature changes binaries in an attempt to decrease their startup time.

oval:org.secpod.oval:def:33854
The kernel runtime parameter "kernel.randomize_va_space" should be set to "2".

oval:org.secpod.oval:def:33851
Setting a password for the root user will force authentication in single user mode.

oval:org.secpod.oval:def:33850
The grub boot loader should have password protection enabled.

oval:org.secpod.oval:def:33846
The kernel module udf should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:33845
The squashfs Kernel Module should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:33848
Set the owner and group of your boot loaders config file to the root user. These instructions default to GRUB stored at /boot/grub/grub.cfg.

oval:org.secpod.oval:def:33847
The system's default desktop environment, GNOME, will mount devices and removable media (such as DVDs, CDs and USB flash drives) whenever they are inserted into the system. Disable automount and autorun within GNOME.

oval:org.secpod.oval:def:33842
The kernel module jffs2 should be disabled.

oval:org.secpod.oval:def:33962
Any account with UID 0 has superuser privileges on the system.

oval:org.secpod.oval:def:33841
The kernel module freevxfs should be disabled.

oval:org.secpod.oval:def:33844
The kernel module hfsplus should be disabled.

oval:org.secpod.oval:def:33843
The kernel module hfs should be disabled.

oval:org.secpod.oval:def:33849
File permissions for '/boot/grub/grub.cfg' should be set appropriate.

oval:org.secpod.oval:def:33961
The character + in various files used to be markers for systems to insert data from NIS maps at a certain point in a system configuration file. These entries are no longer required on most systems, but may exist in files that have been imported from other platforms.

oval:org.secpod.oval:def:33840
The kernel module cramfs should be disabled.

oval:org.secpod.oval:def:33960
The character + in various files used to be markers for systems to insert data from NIS maps at a certain point in a system configuration file. These entries are no longer required on most systems, but may exist in files that have been imported from other platforms.

oval:org.secpod.oval:def:33835
The noexec mount option prevents the direct execution of binaries on the mounted filesystem. Users should not be allowed to execute binaries that exist on partitions mounted from removable media (such as a USB key). The noexec option prevents code from being executed directly from the media itself, ...

oval:org.secpod.oval:def:33956
The /etc/shadow file contains the one-way cipher text passwords for each user defined in the /etc/passwd file. The command below sets the user and group ownership of the file to root.

oval:org.secpod.oval:def:33834
The nodev mount option prevents files from being interpreted as character or block devices. Legitimate character and block devices should exist in the /dev directory on the root partition or within chroot jails built for system services. All other locations should not allow character and block devic ...

oval:org.secpod.oval:def:33955
The /etc/passwd file contains a list of all the valid userIDs defined in the system, but not the passwords. The command below sets the owner and group of the file to root.

oval:org.secpod.oval:def:33958
An account with an empty password field means that anybody may log in as that user without providing a password.

oval:org.secpod.oval:def:33837
Legitimate character and block devices should not exist within temporary directories like /run/shm. The nodev mount option should be specified for /run/shm.

oval:org.secpod.oval:def:33836
The nosuid mount option prevents set-user-identifier (suid) and set-group-identifier (sgid) permissions from taking effect. These permissions allow users to execute binaries with the same permissions as the owner and group of the file respectively. Users should not be allowed to introduce suid and g ...

oval:org.secpod.oval:def:33957
The /etc/group file contains a list of all the valid groups defined in the system. The command below allows read/write access for root and read access for everyone else.

oval:org.secpod.oval:def:33831
Audit logs are stored in the /var/log/audit directory. Ensure that it has its own partition or logical volume. Make absolutely certain that it is large enough to store all audit logs that will be created by the auditing daemon.

oval:org.secpod.oval:def:33952
This test makes sure that '/etc/passwd' has proper permission. If the target file or directory has an extended ACL then it will fail the mode check.

oval:org.secpod.oval:def:34008
The kernel runtime parameter "net.ipv4.conf.all.send_redirects" should be set to "0".

oval:org.secpod.oval:def:33830
System logs are stored in the /var/log directory. Ensure that it has its own partition or logical volume.

oval:org.secpod.oval:def:33951
The contents of the /etc/issue file are displayed prior to the login prompt on the system's console and serial devices, and also prior to logins via telnet. The contents of the /etc/motd file is generally displayed after all successful logins, no matter where the user is logging in from, but is thou ...

oval:org.secpod.oval:def:33833
The nodev mount option should be set for temporary storage partitions such as /home. The suid/sgid permissions should not be required in these world-writable directories.

oval:org.secpod.oval:def:33954
File permissions for '/etc/group' should be set correctly.

oval:org.secpod.oval:def:33832
If user home directories will be stored locally, create a separate partition for /home. If /home will be mounted from another system such as an NFS server, then creating a separate partition is not necessary at this time, and the mountpoint can instead be configured later.

oval:org.secpod.oval:def:33953
This test makes sure that '/etc/shadow' file permission is setted as appropriate. If the target file or directory has an extended ACL then it will fail the mode check.

oval:org.secpod.oval:def:33839
It can be dangerous to allow the execution of binaries from world-writable temporary storage directories such as /run/shm. The noexec mount option prevents binaries from being executed out of /run/shm.

oval:org.secpod.oval:def:33959
The character + in various files used to be markers for systems to insert data from NIS maps at a certain point in a system configuration file. These entries are no longer required on most systems, but may exist in files that have been imported from other platforms.

oval:org.secpod.oval:def:33838
The nosuid mount option should be set for temporary storage partitions such as /run/shm. The suid/sgid permissions should not be required in these world-writable directories.

oval:org.secpod.oval:def:33897
Global IPv6 initialization should be disabled.

oval:org.secpod.oval:def:33896
The kernel runtime parameter "net.ipv6.conf.default.accept_redirects" should be set to "0".

oval:org.secpod.oval:def:39080
By default, rsyslog does not listen for log messages coming in from remote systems. The ModLoad tells rsyslog to load the imtcp.so module so it can listen over a network via TCP. The InputTCPServerRun option instructs rsyslogd to listen on the specified TCP port. The guidance in the section ensures ...

oval:org.secpod.oval:def:33899
/etc/hosts.allow file is present.

oval:org.secpod.oval:def:33898
TCP Wrappers provides a simple access list and standardized logging method for services capable of supporting it. In the past, services that were called from inetd and xinetd supported the use of tcp wrappers. As inetd and xinetd have been falling in disuse, any service that can support tcp wrappers ...

oval:org.secpod.oval:def:39072
Monitor changes to file permissions, attributes, ownership and group. The parameters in this section track changes for system calls that affect file permissions and attributes. The chmod, fchmod and fchmodat system calls affect the permissions associated with a file. The chown, fchown, fchownat and ...

oval:org.secpod.oval:def:33893
The kernel runtime parameter "net.ipv4.conf.all.rp_filter" should be set to "1".

oval:org.secpod.oval:def:39073
Monitor for unsuccessful attempts to access files. The parameters below are associated with system calls that control creation (creat), opening (open, openat) and truncation (truncate, ftruncate) of files. An audit log record will only be written if the user is a nonprivileged user (auid > = 500), i ...

oval:org.secpod.oval:def:33892
The kernel runtime parameter "net.ipv4.icmp_ignore_bogus_error_responses" should be set to "1".

oval:org.secpod.oval:def:39074
Monitor the use of the mount system call. The mount (and umount) system call controls the mounting and unmounting of file systems. The parameters below configure the system to create an audit record when the mount system call is used by a non-privileged user. It is highly unusual for a non privileg ...

oval:org.secpod.oval:def:33895
The kernel runtime parameter "net.ipv6.conf.default.accept_ra" should be set to "0".

oval:org.secpod.oval:def:39075
Monitor the use of system calls associated with the deletion or renaming of files and file attributes. This configuration statement sets up monitoring for the unlink (remove a file), unlinkat (remove a file attribute), rename (rename a file) and renameat (rename a file attribute) system calls and ta ...

oval:org.secpod.oval:def:33894
The kernel runtime parameter "net.ipv4.tcp_syncookies" should be set to "1".

oval:org.secpod.oval:def:39076
Monitor scope changes for system administrations. If the system has been properly configured to force system administrators to log in as themselves first and then use the sudo command to execute privileged commands, it is possible to monitor changes in scope. The file /etc/sudoers will be written t ...

oval:org.secpod.oval:def:39077
Monitor the sudo log file. If the system has been properly configured to disable the use of the su command and force all administrators to have to log in first and then use sudo to execute privileged commands, then all administrator commands will be logged to /var/log/sudo.log. Any time a command is ...

oval:org.secpod.oval:def:39078
Monitor the loading and unloading of kernel modules. The programs insmod (install a kernel module), rmmod (remove a kernel module), and modprobe (a more sophisticated program to load and unload modules, as well as some other features) control loading and unloading of modules. The init_module (load a ...

oval:org.secpod.oval:def:33891
The kernel runtime parameter "net.ipv4.icmp_echo_ignore_broadcasts" should be set to "1".

oval:org.secpod.oval:def:39079
Set system audit so that audit rules cannot be modified with auditctl. Setting the flag "-e 2" forces audit to be put in immutable mode. Audit changes can only be made on system reboot. In immutable mode, unauthorized users cannot execute changes to the audit system to potentially hide malicious ac ...

oval:org.secpod.oval:def:33890
The kernel runtime parameter "net.ipv4.conf.all.log_martians" should be set to "1".

oval:org.secpod.oval:def:33889
The kernel runtime parameter "net.ipv4.conf.default.secure_redirects" should be set to "0".

oval:org.secpod.oval:def:33886
The kernel runtime parameter "net.ipv4.ip_forward" should be set to "0".

oval:org.secpod.oval:def:33885
'biosdevname' is an external tool that works with the udev framework for naming devices. 'biosdevname' uses three methods to determine NIC names: 1. PCI firmware spec.3.1 2. smbios (matches # after "em" to OEM # printed on board or housing) 3. PCI IRQ Routing Table (uses # of NIC position in t ...

oval:org.secpod.oval:def:39070
Monitor login and logout events. The parameters below track changes to files associated with login/logout events. The file /var/log/faillog tracks failed events from login. The file /var/log/lastlog maintain records of the last time a user successfully logged in. The file /var/log/tallylog maintains ...

oval:org.secpod.oval:def:33888
The kernel runtime parameter "net.ipv4.conf.default.accept_redirects" should be set to "0".

oval:org.secpod.oval:def:39071
Monitor session initiation events. The parameters in this section track changes to the files associated with session events. The file /var/run/utmp file tracks all currently logged in users. The /var/log/wtmp file tracks logins, logouts, shutdown and reboot events. All audit records will be tagged w ...

oval:org.secpod.oval:def:33887
The Kernel Parameter for Accepting Source-Routed Packets By Default should be enabled or disabled as appropriate. The kernel runtime parameter "net.ipv4.conf.default.accept_source_route" should be set to "0".

oval:org.secpod.oval:def:39069
Monitor SELinux mandatory access controls. The parameters below monitor any write access (potential additional, deletion or modification of files in the directory) or attribute changes to the /etc/selinux directory. Changes to files in this directory could indicate that an unauthorized user is atte ...

oval:org.secpod.oval:def:33882
The Simple Network Management Protocol (SNMP) server is used to listen for SNMP commands from an SNMP management system, execute the commands or collect the information and then send results back to the requesting system.

oval:org.secpod.oval:def:39062
The auditd daemon can be configured to halt the system when the audit logs are full. In high security contexts, the risk of detecting unauthorized access or nonrepudiation exceeds the benefit of the system's availability. space_left_action, action_mail_acct and admin_space_left_action setting in / ...

oval:org.secpod.oval:def:33881
Squid is a standard proxy server used in many distributions and environments.

oval:org.secpod.oval:def:39063
Normally, auditd will hold 4 logs of maximum log file size before deleting older log files. In high security contexts, the benefits of maintaining a long audit history exceed the cost of storing the audit history. max_log_file_action setting in /etc/audit/auditd.conf is set to at least a certain v ...

oval:org.secpod.oval:def:33884
The rsyncd service can be used to synchronize files between systems over network links.

oval:org.secpod.oval:def:39064
Install and turn on the auditd daemon to record system events. The capturing of system events provides system administrators with information to allow them to determine if unauthorized access to their system is occurring

oval:org.secpod.oval:def:33883
Mail Transfer Agents (MTA), such as sendmail and Postfix, are used to listen for incoming mail and transfer the messages to the appropriate user or mail server. If the system is not intended to be a mail server, it is recommended that the MTA be configured to only process local mail.

oval:org.secpod.oval:def:39065
Configure grub or lilo so that processes that are capable of being audited can be audited even if they start up prior to auditd startup. Audit events need to be captured on processes that start up prior to auditd, so that potential malicious activity cannot go undetected.

oval:org.secpod.oval:def:39066
Capture events where the system date and/or time has been modified. The parameters in this section are set to determine if the adjtimex (tune kernel clock), settimeofday (Set time, using timeval and timezone structures) stime (using seconds since 1/1/1970) or clock_settime (allows for the setting of ...

oval:org.secpod.oval:def:39067
Record events affecting the group, passwd (user IDs), shadow and gshadow (passwords) or /etc/security/opasswd (old passwords, based on remember parameter in the PAM configuration) files. The parameters in this section will watch the files to see if they have been opened for write or have had attribu ...

oval:org.secpod.oval:def:33880
The Samba daemon allows system administrators to configure their Linux systems to share file systems and directories with Windows desktops. Samba will advertise the file systems and directories via the Small Message Block (SMB) protocol. Windows desktop users will be able to mount these directories ...

oval:org.secpod.oval:def:39068
Record changes to network environment files or system calls. The below parameters monitor the sethostname (set the systems host name) or setdomainname (set the systems domainname) system calls, and write an audit event on system call exit. The other parameters monitor the /etc/issue and /etc/issue.n ...

oval:org.secpod.oval:def:33879
Dovecot is an open source IMAP and POP3 server for Linux based systems.

oval:org.secpod.oval:def:33878
HTTP or web servers provide the ability to host web site content.

oval:org.secpod.oval:def:33875
The Network File System (NFS) is one of the first and most widely distributed file systems in the UNIX environment. It provides the ability for systems to mount file systems of other servers through the network.

oval:org.secpod.oval:def:33874
The Lightweight Directory Access Protocol (LDAP) was introduced as a replacement for NIS/YP. It is a service that provides a method for looking up information from a central database.

oval:org.secpod.oval:def:33877
The File Transfer Protocol (FTP) provides networked computers with the ability to transfer files.

oval:org.secpod.oval:def:33876
The Domain Name System (DNS) is a hierarchical naming system that maps names to IP addresses for computers, services and other resources connected to a network.

oval:org.secpod.oval:def:33901
The /etc/hosts.deny file specifies which IP addresses are not permitted to connect to the host. It is intended to be used in conjunction with the /etc/hosts.allow file.

oval:org.secpod.oval:def:33900
The /etc/hosts.allow file contains networking information that is used by many applications and therefore must be readable for these applications to operate.

oval:org.secpod.oval:def:33903
The kernel module dccp should be disabled.

oval:org.secpod.oval:def:33902
File permission for '/etc/hosts.deny' is set to appropriate values.

oval:org.secpod.oval:def:33909
max_log_file setting in /etc/audit/auditd.conf is set to at least a certain value

oval:org.secpod.oval:def:33908
IPtables is an application that allows a system administrator to configure the IPv4 tables, chains and rules provided by the Linux kernel firewall. ufw was developed to ease IPtables firewall configuration.

oval:org.secpod.oval:def:33905
The kernel module rds should be disabled.

oval:org.secpod.oval:def:33904
The kernel module sctp should be disabled.

oval:org.secpod.oval:def:33907
All wireless interfaces should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:33906
The kernel module tipc should be disabled.

CPE    1
cpe:/o:ubuntu:ubuntu_linux:14.04
CCE    159
CCE-91280-8
CCE-91288-1
CCE-91242-8
CCE-91121-4
...
*XCCDF
xccdf_org.secpod_benchmark_general_Ubuntu_14_04

© 2013 SecPod Technologies