Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add more SLE-15 stigs and CCE IDs to existing rules #6778

Merged
merged 4 commits into from
Apr 6, 2021
Merged

Add more SLE-15 stigs and CCE IDs to existing rules #6778

merged 4 commits into from
Apr 6, 2021

Commits on Mar 30, 2021

  1. Add more SLE-15 stigs abd CCE IDs to existing rules 

    - Change is to add SLE-15 stigs to existing rule.
- No new rules are added
- SLES-12-03040 should have been attached to sysctl_net_ipv6_conf_default_accept_redirects
- Added SLE-15 stigs
       -  SLES-15-040440  'Disable SSH Access via Empty Passwords'
       -  SLES-15-040290  'Disable X11 Forwarding'
       -  SLES-15-040440  'Do Not Allow SSH Environment Options'
       -  SLES-15-010050  'Display the Standard Mandatory DoD Notice and Consent Banner until Explicit Acknowledgement'
       -  SLES-15-020250  'Limit Password Reuse'
       -  SLES-15-020160  'Set Password Strength Minimum Different Characters'
       -  SLES-15-020140  'Set Password Strength Minimum Lowercase Characters'
       -  SLES-15-020130  'Set Password Strength Minimum Uppercase Characters'
       -  SLES-15-040062  'Disable Ctrl-Alt-Del Burst Action'
       -  SLES-15-020200  'Set Password Minimum Age'
       -  SLES-15-020100  'Verify Only Root Has UID 0'
       -  SLES-15-020091  'Ensure that System Accounts Do Not Run a Shell Upon Login'
       -  SLES-15-040100  'All Interactive User Home Directories Must Be Group-Owned By The Primary User'
       -  SLES-15-030250  'Record Events that Modify the System''s Discretionary Access Controls - chown'
       -  SLES-15-030300  'Record Events that Modify the System''s Discretionary Access Controls - fchmod'
       -  SLES-12-030310  'Record Events that Modify the System''s Discretionary Access Controls - fchmodat'
       -  SLES-15-030260  'Record Events that Modify the System''s Discretionary Access Controls - fchown'
       -  SLES-15-030280  'Record Events that Modify the System''s Discretionary Access Controls - fchownat'
       -  SLES-15-030210  'Record Events that Modify the System''s Discretionary Access Controls - fremovexattr'
       -  SLES-15-030230  'Record Events that Modify the System''s Discretionary Access Controls - fsetxattr'
       -  SLES-15-030270  'Record Events that Modify the System''s Discretionary Access Controls - lchown'
       -  SLES-15-030200  'Record Events that Modify the System''s Discretionary Access Controls - lremovexattr'
       -  SLES-15-030240  'Record Events that Modify the System''s Discretionary Access Controls - lsetxattr'
       -  SLES-15-030190  'Record Events that Modify the System''s Discretionary Access Controls - removexattr'
       -  SLES-15-030220  'Record Events that Modify the System''s Discretionary Access Controls - setxattr'
       -  SLES-15-030160  'Record Unsuccessful Access Attempts to Files - creat'
       -  SLES-15-030320  'Record Unsuccessful Access Attempts to Files - ftruncate'
       -  SLES-15-030150  'Record Unsuccessful Access Attempts to Files - open'
       -  SLES-15-030180  'Record Unsuccessful Access Attempts to Files - open_by_handle_at'
       -  SLES-15-030170  'Record Unsuccessful Access Attempts to Files - openat'
       -  SLES-15-030710  'Record Unsuccessul Delete Attempts to Files - rename'
       -  SLES-15-030720  'Record Unsuccessul Delete Attempts to Files - renameat'
       -  SLES-15-030740  'Record Unsuccessul Delete Attempts to Files - unlink'
       -  SLES-15-030750   'Record Unsuccessul Delete Attempts to Files - unlinkat'
       -  SLES-15-030350  'Ensure auditd Collects Information on the Use of Privileged Commands - mount'
       -  SLES-15-030330  'Ensure auditd Collects Information on the Use of Privileged Commands - sudoedit'
       -  SLES-15-030500  'Ensure auditd Collects Information on the Use of Privileged Commands - usermod'
       -  SLES-15-030820  'Remove Default Configuration to Disable Syscall Auditing'
       -  SLES-15-030140  'Ensure auditd Collects System Administrator Actions'
       -  SLES-15-030660  'Configure a Sufficiently Large Partition for Audit Logs'
       -  SLES-15-030790  'Configure audispd''s Plugin network_failure_action On Network Failure'
       -  SLES-15-040341  'Disable Accepting ICMP Redirects for All IPv6 Interfaces'
       -  SLES-15-040350  'Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces'
       -  SLES-15-040380  'Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces'
       -  SLES-15-010351  'Verify that Shared Library Files Have Restrictive Permissions'
       -  SLES-15-010570  'Configure Periodic Execution of AIDE'
    @brett060102
    brett060102 committed Mar 30, 2021
    Configuration menu
    Copy the full SHA
    533dc29 View commit details
    Browse the repository at this point in the history

Commits on Mar 31, 2021

  1. fix duplicate CCE IDs

    @brett060102
    brett060102 committed Mar 31, 2021
    Configuration menu
    Copy the full SHA
    e76308d View commit details
    Browse the repository at this point in the history

Commits on Apr 1, 2021

  1. remove spaces from nist records

    @brett060102
    brett060102 committed Apr 1, 2021
    Configuration menu
    Copy the full SHA
    6aba4c1 View commit details
    Browse the repository at this point in the history

  2. missed a couple of spaces in nist records

    @brett060102
    brett060102 committed Apr 1, 2021
    Configuration menu
    Copy the full SHA
    62b4c99 View commit details
    Browse the repository at this point in the history