{"id": "general_sle15", "policy": "General System Security Profile for SUSE Linux Enterprise 15", "title": "General System Security Profile SUSE Linux Enterprise 15", "source": "not_publicly_available", "definition_location": "/aptdata/openscap/scap-security-guide/controls/general_sle15.yml", "controls": [{"id": "SLES-15-150150015", "levels": ["low"], "notes": "", "title": "Disable Mounting of cramfs", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["kernel_module_cramfs_disabled"], "controls": []}, {"id": "SLES-15-150150030", "levels": ["low"], "notes": "", "title": "Disable Mounting of freevxfs", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["kernel_module_freevxfs_disabled"], "controls": []}, {"id": "SLES-15-150150045", "levels": ["low"], "notes": "", "title": "Disable Mounting of hfs", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["kernel_module_hfs_disabled"], "controls": []}, {"id": "SLES-15-150150060", "levels": ["low"], "notes": "", "title": "Disable Mounting of hfsplus", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["kernel_module_hfsplus_disabled"], "controls": []}, {"id": "SLES-15-150150075", "levels": ["low"], "notes": "", "title": "Disable Mounting of jffs2", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["kernel_module_jffs2_disabled"], "controls": []}, {"id": "SLES-15-150150090", "levels": ["low"], "notes": "", "title": "Disable Mounting of overlayfs", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["kernel_module_overlayfs_disabled"], "controls": []}, {"id": "SLES-15-150150105", "levels": ["low"], "notes": "", "title": "Disable Mounting of squashfs", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["kernel_module_squashfs_disabled"], "controls": []}, {"id": "SLES-15-150150120", "levels": ["low"], "notes": "", "title": "Disable Mounting of udf", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["kernel_module_udf_disabled"], "controls": []}, {"id": "SLES-15-150150135", "levels": ["low"], "notes": "", "title": "Disable Mounting of vFAT filesystems", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["kernel_module_vfat_disabled"], "controls": []}, {"id": "SLES-15-150150150", "levels": ["low"], "notes": "", "title": "Ensure /tmp Located On Separate Partition", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["partition_for_tmp"], "controls": []}, {"id": "SLES-15-150150165", "levels": ["medium"], "notes": "", "title": "Add nodev Option to /tmp", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_tmp_nodev"], "controls": []}, {"id": "SLES-15-150150180", "levels": ["medium"], "notes": "", "title": "Add nosuid Option to /tmp", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_tmp_nosuid"], "controls": []}, {"id": "SLES-15-150150195", "levels": ["medium"], "notes": "", "title": "Add noexec Option to /tmp", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_tmp_noexec"], "controls": []}, {"id": "SLES-15-150150210", "levels": ["low"], "notes": "", "title": "Ensure /dev/shm Located On Separate Partition", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["partition_for_dev_shm"], "controls": []}, {"id": "SLES-15-150150225", "levels": ["medium"], "notes": "", "title": "Add nodev Option to /dev/shms", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_dev_shm_nodev"], "controls": []}, {"id": "SLES-15-150150240", "levels": ["medium"], "notes": "", "title": "Add nosuid Option to /dev/shm", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_dev_shm_nosuid"], "controls": []}, {"id": "SLES-15-150150255", "levels": ["medium"], "notes": "", "title": "Add noexec Option to /dev/shm", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_dev_shm_noexec"], "controls": []}, {"id": "SLES-15-150150270", "levels": ["low"], "notes": "", "title": "Ensure /home Located On Separate Partition", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["partition_for_home"], "controls": []}, {"id": "SLES-15-150150285", "levels": ["medium"], "notes": "", "title": "Add nodev Option to /home", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_home_nodev"], "controls": []}, {"id": "SLES-15-150150300", "levels": ["medium"], "notes": "", "title": "Add nosuid Option to /home", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_home_nosuid"], "controls": []}, {"id": "SLES-15-150150315", "levels": ["low"], "notes": "", "title": "Ensure /var Located On Separate Partition", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["partition_for_var"], "controls": []}, {"id": "SLES-15-150150330", "levels": ["medium"], "notes": "", "title": "Add nodev Option to /var", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_var_nodev"], "controls": []}, {"id": "SLES-15-150150345", "levels": ["medium"], "notes": "", "title": "Add nosuid Option to /var", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_var_nosuid"], "controls": []}, {"id": "SLES-15-150150360", "levels": ["medium"], "notes": "", "title": "Ensure /var/tmp Located On Separate Partition", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["partition_for_var_tmp"], "controls": []}, {"id": "SLES-15-150150375", "levels": ["medium"], "notes": "", "title": "Add nodev Option to /var/tmp", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_var_tmp_nodev"], "controls": []}, {"id": "SLES-15-150150390", "levels": ["medium"], "notes": "", "title": "Add nosuid Option to /var/tmp", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_var_tmp_nosuid"], "controls": []}, {"id": "SLES-15-150150405", "levels": ["medium"], "notes": "", "title": "Add noexec Option to /var/tmp", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_var_tmp_noexec"], "controls": []}, {"id": "SLES-15-150150420", "levels": ["low"], "notes": "", "title": "Ensure /var/log Located On Separate Partition", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["partition_for_var_log"], "controls": []}, {"id": "SLES-15-150150435", "levels": ["medium"], "notes": "", "title": "Add nodev Option to /var/log", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_var_log_nodev"], "controls": []}, {"id": "SLES-15-150150450", "levels": ["medium"], "notes": "", "title": "Add nosuid Option to /var/log", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_var_log_nosuid"], "controls": []}, {"id": "SLES-15-150150465", "levels": ["medium"], "notes": "", "title": "Add noexec Option to /var/log", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_var_log_noexec"], "controls": []}, {"id": "SLES-15-150150480", "levels": ["low"], "notes": "", "title": "Ensure /var/log/audit Located On Separate Partition", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["partition_for_var_log_audit"], "controls": []}, {"id": "SLES-15-150150495", "levels": ["medium"], "notes": "", "title": "Add nodev Option to /var/log/audit", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_var_log_audit_nodev"], "controls": []}, {"id": "SLES-15-150150510", "levels": ["medium"], "notes": "", "title": "Add nosuid Option to /var/log/audit", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_var_log_audit_nosuid"], "controls": []}, {"id": "SLES-15-150150525", "levels": ["medium"], "notes": "", "title": "Add noexec Option to /var/log/audit", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_var_log_audit_noexec"], "controls": []}, {"id": "SLES-15-150150540", "levels": ["high"], "notes": "", "title": "Encrypt Partitions", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["encrypt_partitions"], "controls": []}, {"id": "SLES-15-150300015", "levels": ["medium"], "notes": "", "title": "Configure GPG keys", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["ensure_GPG_keys_are_configured"], "controls": []}, {"id": "SLES-15-150300030", "levels": ["high"], "notes": "", "title": "Enable gpgcheck in Main Package Manager Configuration", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["ensure_gpgcheck_globally_activated", "ensure_gpgcheck_never_disabled"], "controls": []}, {"id": "SLES-15-150300045", "levels": ["high"], "notes": "", "title": "Ensure repo_gpgcheck is globally activated", "description": null, "rationale": null, "automated": "no", "status": "manual", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": [], "controls": []}, {"id": "SLES-15-150300060", "levels": ["high"], "notes": "", "title": "Configure Package Manager Repositories", "description": null, "rationale": null, "automated": "no", "status": "manual", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": [], "controls": []}, {"id": "SLES-15-150300075", "levels": ["medium"], "notes": "", "title": "Ensure Software Patches Installed", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["security_patches_up_to_date"], "controls": []}, {"id": "SLES-15-150450015", "levels": ["medium"], "notes": "", "title": "Install AppArmor", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_apparmor_installed"], "controls": []}, {"id": "SLES-15-150450030", "levels": ["medium"], "notes": "", "title": "Ensure AppArmor is Active and Configured", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["apparmor_configured"], "controls": []}, {"id": "SLES-15-150450045", "levels": ["medium"], "notes": "", "title": "All AppArmor Profiles are in enforce or complain mode", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["all_apparmor_profiles_in_enforce_complain_mode", "var_apparmor_mode=complain"], "controls": []}, {"id": "SLES-15-150450060", "levels": ["medium"], "notes": "", "title": "Enforce all AppArmor Profiles", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["all_apparmor_profiles_enforced"], "controls": []}, {"id": "SLES-15-150600015", "levels": ["high"], "notes": "", "title": "Set Boot Loader Password in grub2", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["grub2_password", "grub2_uefi_password"], "controls": []}, {"id": "SLES-15-150600030", "levels": ["medium"], "notes": "", "title": "Configure Permissions on Bootloader Config", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_owner_grub2_cfg", "file_permissions_grub2_cfg", "file_groupowner_grub2_cfg"], "controls": []}, {"id": "SLES-15-150750015", "levels": ["medium"], "notes": "", "title": "Enable Address Space Layout Randomization (ASLR)", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_kernel_randomize_va_space"], "controls": []}, {"id": "SLES-15-150750030", "levels": ["medium"], "notes": "", "title": "Restrict Core Dumps for All Users", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_fs_suid_dumpable", "coredump_disable_storage", "disable_users_coredumps", "coredump_disable_backtraces"], "controls": []}, {"id": "SLES-15-150750060", "levels": ["medium"], "notes": "", "title": "Enable compile options for kernel security functions", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["kernel_config_security", "kernel_config_seccomp_filter", "kernel_config_seccomp", "kernel_config_security_writable_hooks", "kernel_config_security_yama"], "controls": []}, {"id": "SLES-15-150750180", "levels": ["medium"], "notes": "", "title": "Enable Kernel Parameter to Enforce DAC on Hardlinks and Softlinks", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_fs_protected_hardlinks", "sysctl_fs_protected_symlinks"], "controls": []}, {"id": "SLES-15-150900015", "levels": ["high"], "notes": "", "title": "Configure System Cryptography Policy", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["configure_crypto_policy"], "controls": []}, {"id": "SLES-15-150900030", "levels": ["high"], "notes": "", "title": "Configure System Cryptography Policy not set to Legacy", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["configure_crypto_policy", "var_system_crypto_policy=default_nosha1"], "controls": []}, {"id": "SLES-15-150900045", "levels": ["medium"], "notes": "", "title": "Configure SSH to use System Crypto Policy", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["configure_ssh_crypto_policy"], "controls": []}, {"id": "SLES-15-150900105", "levels": ["medium"], "notes": "", "title": "Disables chacha20-poly1305 for ssh", "description": null, "rationale": null, "automated": "no", "status": "manual", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": [], "controls": []}, {"id": "SLES-15-151050015", "levels": ["medium"], "notes": "", "title": "Modify the System Message of the Day Banner", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["banner_etc_motd", "motd_banner_text=cis_banners"], "controls": []}, {"id": "SLES-15-151050030", "levels": ["medium"], "notes": "", "title": "Modify the System Login Banner", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["banner_etc_issue", "login_banner_text=cis_banners"], "controls": []}, {"id": "SLES-15-151050045", "levels": ["medium"], "notes": "", "title": "Modify the System Login Banner for Remote Connections", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["banner_etc_issue_net", "remote_login_banner_text=cis_banners"], "controls": []}, {"id": "SLES-15-151050060", "levels": ["medium"], "notes": "", "title": "Configure access to the Message of the Day Banner", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_permissions_etc_motd", "file_owner_etc_motd", "file_groupowner_etc_motd"], "controls": []}, {"id": "SLES-15-151050075", "levels": ["medium"], "notes": "", "title": "Configure access to the System Login Banner", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_groupowner_etc_issue", "file_owner_etc_issue", "file_permissions_etc_issue"], "controls": []}, {"id": "SLES-15-151050090", "levels": ["medium"], "notes": "", "title": "Configure access to the System Login Banner for Remote Connections", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_groupowner_etc_issue_net", "file_owner_etc_issue_net", "file_permissions_etc_issue_net"], "controls": []}, {"id": "SLES-15-151200105", "levels": ["medium"], "notes": "", "title": "Remove the GDM Package Group", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_gdm_removed"], "controls": []}, {"id": "SLES-15-151200120", "levels": ["medium"], "notes": "", "title": "Configure GDM Login Banner", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["dconf_gnome_login_banner_text", "dconf_gnome_banner_enabled", "login_banner_text=cis_default"], "controls": []}, {"id": "SLES-15-151200135", "levels": ["medium"], "notes": "", "title": "Disable the GDM Login User List", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["dconf_gnome_disable_user_list"], "controls": []}, {"id": "SLES-15-151200150", "levels": ["medium"], "notes": "", "title": "Lock the GDM Screen When the User is Idle", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["dconf_gnome_screensaver_lock_delay", "dconf_gnome_screensaver_idle_delay", "inactivity_timeout_value=15_minutes", "var_screensaver_lock_delay=5_seconds"], "controls": []}, {"id": "SLES-15-151200165", "levels": ["medium"], "notes": "", "title": "Ensure the User cannot override the GDM screen locks", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["dconf_gnome_session_idle_user_locks", "dconf_gnome_screensaver_user_locks"], "controls": []}, {"id": "SLES-15-151200180", "levels": ["medium"], "notes": "", "title": "Disable the GDM automatic mounting of removable media", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["dconf_gnome_disable_automount_open", "dconf_gnome_disable_automount"], "controls": []}, {"id": "SLES-15-151200210", "levels": ["medium"], "notes": "", "title": "Disable GDM Automount running", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["dconf_gnome_disable_autorun"], "controls": []}, {"id": "SLES-15-151200240", "levels": ["high"], "notes": "", "title": "Disable XDMCP in GDM", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["gnome_gdm_disable_xdmcp"], "controls": []}, {"id": "SLES-15-300150015", "levels": ["medium"], "notes": "", "title": "Disable the Automounter", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_autofs_disabled", "kernel_module_usb-storage_disabled"], "controls": []}, {"id": "SLES-15-300150030", "levels": ["medium"], "notes": "", "title": "Disable Avahi Server Software", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_avahi-autoipd_removed", "package_avahi_removed", "service_avahi-daemon_disabled"], "controls": []}, {"id": "SLES-15-300150045", "levels": ["medium"], "notes": "", "title": "Disable DHCP Service", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_dhcpd_disabled", "package_dhcp_client_removed", "package_dhcp_removed"], "controls": []}, {"id": "SLES-15-300150060", "levels": ["high"], "notes": "", "title": "Disable named Service", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_named_disabled", "package_bind_removed"], "controls": []}, {"id": "SLES-15-300150075", "levels": ["medium"], "notes": "", "title": "Disable dnsmasq Service", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_dnsmasq_removed", "service_dnsmasq_disabled"], "controls": []}, {"id": "SLES-15-300150090", "levels": ["low"], "notes": "", "title": "Disable Samba", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_samba_removed", "service_smb_disabled"], "controls": []}, {"id": "SLES-15-300150105", "levels": ["medium"], "notes": "", "title": "Disable LDAP Server", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_openldap-servers_removed", "service_slapd_disabled"], "controls": []}, {"id": "SLES-15-300150120", "levels": ["medium"], "notes": "", "title": "Disable vsftpd Service", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_vsftpd_disabled", "package_vsftpd_removed"], "controls": []}, {"id": "SLES-15-300150135", "levels": ["medium"], "notes": "", "title": "Disable Message Access Server Services", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_dovecot_removed", "service_dovecot_disabled", "package_cyrus-imapd_removed"], "controls": []}, {"id": "SLES-15-300150150", "levels": ["medium"], "notes": "", "title": "Disable Network File System", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_nfs_disabled", "package_nfs-utils_removed"], "controls": []}, {"id": "SLES-15-300150165", "levels": ["high"], "notes": "", "title": "Disable ypserv Service", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": ["service_ypserv_disabled", "package_ypserv_removed"], "rules": [], "controls": []}, {"id": "SLES-15-300150180", "levels": ["medium"], "notes": "", "title": "Disable the CUPS Service", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_cups_disabled", "package_cups_removed"], "controls": []}, {"id": "SLES-15-300150195", "levels": ["low"], "notes": "", "title": "Disable rpcbind Service", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_rpcbind_removed", "service_rpcbind_disabled"], "controls": []}, {"id": "SLES-15-300150210", "levels": ["medium"], "notes": "", "title": "Disable rsyncd Service", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_rsync_removed", "service_rsyncd_disabled"], "controls": []}, {"id": "SLES-15-300150225", "levels": ["low"], "notes": "", "title": "Disable snmpd Service", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_net-snmp_removed", "service_snmpd_disabled"], "controls": []}, {"id": "SLES-15-300150240", "levels": ["high"], "notes": "", "title": "Disable telnet Service", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_telnet-server_removed", "service_telnet_disabled"], "controls": []}, {"id": "SLES-15-300150255", "levels": ["high"], "notes": "", "title": "Disable tftp Service", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_tftp-server_removed", "service_tftp_disabled"], "controls": []}, {"id": "SLES-15-300150270", "levels": ["medium"], "notes": "", "title": "Disable Squid", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_squid_disabled", "package_squid_removed"], "controls": []}, {"id": "SLES-15-300150285", "levels": ["medium"], "notes": "", "title": "Disable httpd Service", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_httpd_disabled", "package_httpd_removed"], "controls": []}, {"id": "SLES-15-300150300", "levels": ["medium"], "notes": "", "title": "Disable xinetd Service", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_tcp_wrappers_removed", "service_xinetd_disabled", "package_xinetd_removed"], "controls": []}, {"id": "SLES-15-300150315", "levels": ["medium"], "notes": "", "title": "Disable X window server services", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_xorg-x11-server-common_removed", "xwindows_remove_packages"], "controls": []}, {"id": "SLES-15-300150330", "levels": ["medium"], "notes": "", "title": "Disable Postfix Network Listening", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["postfix_network_listening_disabled", "var_postfix_inet_interfaces=loopback-only"], "controls": []}, {"id": "SLES-15-300150345", "levels": ["medium"], "notes": "", "title": "Disable not approved services to listen on a network interface", "description": null, "rationale": null, "automated": "no", "status": "manual", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": [], "controls": []}, {"id": "SLES-15-300300015", "levels": ["low"], "notes": "", "title": "Remove ftp Package", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_ftp_removed"], "controls": []}, {"id": "SLES-15-300300030", "levels": ["low"], "notes": "", "title": "Remove LDAP clients", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_openldap-clients_removed"], "controls": []}, {"id": "SLES-15-300300045", "levels": ["medium"], "notes": "", "title": "Remove NIS Client", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_ypbind_removed"], "controls": []}, {"id": "SLES-15-300300060", "levels": ["low"], "notes": "", "title": "Remove telnet Clients", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_telnet_removed"], "controls": []}, {"id": "SLES-15-300300075", "levels": ["low"], "notes": "", "title": "Remove tftp Daemon", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_tftp_removed"], "controls": []}, {"id": "SLES-15-300450015", "levels": ["medium"], "notes": "", "title": "The Chrony package is installed", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_chrony_installed"], "controls": []}, {"id": "SLES-15-300450030", "levels": ["medium"], "notes": "", "title": "Configure Systemd Timesyncd Servers", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_timesyncd_configured", "service_timesyncd_root_distance_configured"], "controls": []}, {"id": "SLES-15-300450045", "levels": ["high"], "notes": "", "title": "Enable systemd_timesyncd Service", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_timesyncd_enabled"], "controls": []}, {"id": "SLES-15-300450060", "levels": ["medium"], "notes": "", "title": "Configure chrony", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["chronyd_configure_pool_and_server", "chronyd_run_as_chrony_user", "var_multiple_time_servers=suse", "var_multiple_time_pools=suse"], "controls": []}, {"id": "SLES-15-300450075", "levels": ["medium"], "notes": "", "title": "Enable chrony", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_chronyd_enabled"], "controls": []}, {"id": "SLES-15-300450090", "levels": ["medium"], "notes": "", "title": "Configure Time Service Maxpoll Interval", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["chronyd_or_ntpd_set_maxpoll", "var_time_service_set_maxpoll=18_hours"], "controls": []}, {"id": "SLES-15-300600015", "levels": ["medium"], "notes": "", "title": "Enable cron Service", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_cron_installed", "service_cron_enabled"], "controls": []}, {"id": "SLES-15-300600030", "levels": ["medium"], "notes": "", "title": "Configure permissions on /etc/crontab", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_owner_crontab", "file_groupowner_crontab"], "controls": []}, {"id": "SLES-15-300600045", "levels": ["medium"], "notes": "", "title": "Configure permissions on /etc/cron.hourly", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_permissions_cron_hourly", "file_owner_cron_hourly", "file_groupowner_cron_hourly"], "controls": []}, {"id": "SLES-15-300600060", "levels": ["medium"], "notes": "", "title": "Configure permissions on /etc/cron.daily", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_permissions_cron_daily", "file_groupowner_cron_daily"], "controls": []}, {"id": "SLES-15-300600075", "levels": ["high"], "notes": "", "title": "Configure permissions on /etc/cron.weekly", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_owner_cron_weekly", "file_groupowner_cron_weekly", "file_permissions_cron_weekly"], "controls": []}, {"id": "SLES-15-300600090", "levels": ["medium"], "notes": "", "title": "Configure permissions on /etc/cron.monthly", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_groupowner_cron_monthly", "file_permissions_cron_monthly", "file_owner_cron_monthly"], "controls": []}, {"id": "SLES-15-300600105", "levels": ["medium"], "notes": "", "title": "Set SSH MaxSessions limit", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_owner_cron_d", "file_groupowner_cron_d", "file_permissions_cron_d"], "controls": []}, {"id": "SLES-15-300600120", "levels": ["medium"], "notes": "", "title": "Configure cron permissions", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_owner_cron_allow", "file_groupowner_cron_allow", "file_permissions_cron_allow", "file_cron_allow_exists", "file_cron_deny_not_exist"], "controls": []}, {"id": "SLES-15-300600135", "levels": ["medium"], "notes": "", "title": "Configure at permissions", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_at_deny_not_exist", "file_permissions_at_allow", "file_owner_at_allow", "file_groupowner_at_allow"], "controls": []}, {"id": "SLES-15-450150015", "levels": ["medium"], "notes": "", "title": "Identify IPv6 status", "description": null, "rationale": null, "automated": "no", "status": "manual", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": [], "controls": []}, {"id": "SLES-15-450150030", "levels": ["medium"], "notes": "", "title": "Deactivate Wireless Network Interfaces", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["wireless_disable_interfaces"], "controls": []}, {"id": "SLES-15-450150045", "levels": ["medium"], "notes": "", "title": "Disable Bluetooth Service", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_bluetooth_disabled"], "controls": []}, {"id": "SLES-15-450300015", "levels": ["medium"], "notes": "", "title": "Disable DCCP Support", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["kernel_module_dccp_disabled"], "controls": []}, {"id": "SLES-15-450300030", "levels": ["low"], "notes": "", "title": "Disable TIPC Support", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["kernel_module_tipc_disabled"], "controls": []}, {"id": "SLES-15-450300045", "levels": ["low"], "notes": "", "title": "Disable RDS Support", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["kernel_module_rds_disabled"], "controls": []}, {"id": "SLES-15-450300060", "levels": ["medium"], "notes": "", "title": "Disable SCTP Support", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["kernel_module_sctp_disabled"], "controls": []}, {"id": "SLES-15-450450015", "levels": ["medium"], "notes": "", "title": "Disable IP forwarding", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv6_conf_all_forwarding", "sysctl_net_ipv4_ip_forward", "sysctl_net_ipv6_conf_all_forwarding_value=disabled"], "controls": []}, {"id": "SLES-15-450450030", "levels": ["medium"], "notes": "", "title": "Disable packet redirect sending", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv4_conf_default_send_redirects", "sysctl_net_ipv4_conf_all_send_redirects"], "controls": []}, {"id": "SLES-15-450450045", "levels": ["medium"], "notes": "", "title": "Ignore bogus ICMP error responses", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv4_icmp_ignore_bogus_error_responses", "sysctl_net_ipv4_icmp_ignore_bogus_error_responses_value=enabled"], "controls": []}, {"id": "SLES-15-450450060", "levels": ["medium"], "notes": "", "title": "Ignore ICMP Broadcast Echo Requests", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv4_icmp_echo_ignore_broadcasts", "sysctl_net_ipv4_icmp_echo_ignore_broadcasts_value=enabled"], "controls": []}, {"id": "SLES-15-450450075", "levels": ["medium"], "notes": "", "title": "Disable Accepting ICMP Redirects", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv4_conf_default_accept_redirects", "sysctl_net_ipv6_conf_default_accept_redirects", "sysctl_net_ipv4_conf_all_accept_redirects", "sysctl_net_ipv6_conf_all_accept_redirects", "sysctl_net_ipv4_conf_all_accept_redirects_value=disabled", "sysctl_net_ipv4_conf_default_accept_redirects_value=disabled", "sysctl_net_ipv6_conf_all_accept_redirects_value=disabled", "sysctl_net_ipv6_conf_default_accept_redirects_value=disabled"], "controls": []}, {"id": "SLES-15-450450090", "levels": ["medium"], "notes": "", "title": "Disable Accepting Secure ICMP Redirects", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv4_conf_all_secure_redirects", "sysctl_net_ipv4_conf_default_secure_redirects", "sysctl_net_ipv4_conf_all_secure_redirects_value=disabled", "sysctl_net_ipv4_conf_default_secure_redirects_value=disabled"], "controls": []}, {"id": "SLES-15-450450105", "levels": ["medium"], "notes": "", "title": "Enable Reverse Path Filtering", "description": null, "rationale": null, "automated": "no", "status": "manual", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": ["sysctl_net_ipv4_conf_all_rp_filter", "sysctl_net_ipv4_conf_all_rp_filter_value=enabled", "sysctl_net_ipv4_conf_default_rp_filter", "sysctl_net_ipv4_conf_default_rp_filter_value=enabled"], "rules": [], "controls": []}, {"id": "SLES-15-450450120", "levels": ["medium"], "notes": "", "title": "Disable Accepting Source-Routed Packets", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv4_conf_default_accept_source_route", "sysctl_net_ipv6_conf_all_accept_source_route", "sysctl_net_ipv4_conf_all_accept_source_route", "sysctl_net_ipv6_conf_default_accept_source_route", "sysctl_net_ipv4_conf_all_accept_source_route_value=disabled", "sysctl_net_ipv4_conf_default_accept_source_route_value=disabled", "sysctl_net_ipv6_conf_all_accept_source_route_value=disabled", "sysctl_net_ipv6_conf_default_accept_source_route_value=disabled"], "controls": []}, {"id": "SLES-15-450450135", "levels": ["medium"], "notes": "", "title": "Enable Logging Martian Packets", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv4_conf_all_log_martians", "sysctl_net_ipv4_conf_default_log_martians", "sysctl_net_ipv4_conf_all_log_martians_value=enabled", "sysctl_net_ipv4_conf_default_log_martians_value=enabled"], "controls": []}, {"id": "SLES-15-450450150", "levels": ["medium"], "notes": "", "title": "Enable TCP SYN Cookies", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv4_tcp_syncookies", "sysctl_net_ipv4_tcp_syncookies_value=enabled"], "controls": []}, {"id": "SLES-15-450450165", "levels": ["medium"], "notes": "", "title": "Configure Accepting IPv6 Router Advertisements", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv6_conf_all_accept_ra", "sysctl_net_ipv6_conf_default_accept_ra", "sysctl_net_ipv6_conf_all_accept_ra_value=disabled", "sysctl_net_ipv6_conf_default_accept_ra_value=disabled"], "controls": []}, {"id": "SLES-15-450450180", "levels": ["medium"], "notes": "", "title": "Configure ARP filtering for All IPv4 Interfaces", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv4_conf_all_arp_filter"], "controls": []}, {"id": "SLES-15-450450195", "levels": ["medium"], "notes": "", "title": "Configure Response Mode of ARP Requests for All IPv4 Interfaces", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv4_conf_all_arp_ignore"], "controls": []}, {"id": "SLES-15-450450210", "levels": ["medium"], "notes": "", "title": "Prevent Routing External Traffic to Local Loopback on All IPv4 Interfaces", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv4_conf_all_route_localnet"], "controls": []}, {"id": "SLES-15-450600030", "levels": ["medium"], "notes": "", "title": "Install firewalld Package", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_firewalld_installed"], "controls": []}, {"id": "SLES-15-450600045", "levels": ["medium"], "notes": "", "title": "Configure unnecessary services and ports", "description": null, "rationale": null, "automated": "no", "status": "manual", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": ["unnecessary_firewalld_services_ports_disabled"], "rules": [], "controls": []}, {"id": "SLES-15-450600060", "levels": ["medium"], "notes": "", "title": "Configre firewalld loopback traffic", "description": null, "rationale": null, "automated": "no", "status": "manual", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": ["firewalld_loopback_traffic_trusted", "firewalld_loopback_traffic_restricted"], "rules": [], "controls": []}, {"id": "SLES-15-450600075", "levels": ["medium"], "notes": "", "title": "Set Default firewalld Zone for Incoming Packets", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["set_firewalld_default_zone"], "controls": []}, {"id": "SLES-15-450600090", "levels": ["medium"], "notes": "", "title": "Enable firewalld service", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_firewalld_enabled"], "controls": []}, {"id": "SLES-15-600150015", "levels": ["medium"], "notes": "", "title": "Configure permissions on /etc/ssh/sshd_config", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_permissions_sshd_config", "file_owner_sshd_config", "file_groupowner_sshd_config"], "controls": []}, {"id": "SLES-15-600150030", "levels": ["medium"], "notes": "", "title": "Verify Permissions on SSH Server Private *_key Key Files", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_permissions_sshd_private_key"], "controls": []}, {"id": "SLES-15-600150045", "levels": ["medium"], "notes": "", "title": "Verify Permissions on SSH public host key files", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_permissions_cron_hourly", "file_owner_cron_hourly", "file_groupowner_cron_hourly"], "controls": []}, {"id": "SLES-15-600150060", "levels": ["medium"], "notes": "", "title": "Configure sshd Ciphers", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_use_strong_ciphers", "sshd_use_approved_ciphers", "sshd_approved_ciphers=cis_sle15"], "controls": []}, {"id": "SLES-15-600150075", "levels": ["medium"], "notes": "", "title": "Configure sshd KexAlgorithms", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_use_strong_kex", "sshd_strong_kex=cis_sle15"], "controls": []}, {"id": "SLES-15-600150090", "levels": ["medium"], "notes": "", "title": "Configure sshd MACs", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_use_approved_macs", "sshd_use_strong_macs", "sshd_approved_macs=cis_sle15", "sshd_strong_macs=cis_sle15"], "controls": []}, {"id": "SLES-15-600150105", "levels": ["medium"], "notes": "", "title": "Configure sshd access", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_limit_user_access"], "controls": []}, {"id": "SLEM-5-SMA-02100000", "levels": ["medium"], "notes": "", "title": "Verify No netrc Files Exist", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["no_netrc_files"], "controls": []}, {"id": "SLES-15-600150120", "levels": ["medium"], "notes": "", "title": "Configure sshd Banner", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_enable_warning_banner"], "controls": []}, {"id": "SLES-15-600150135", "levels": ["medium"], "notes": "", "title": "Configure sshd ClientAliveInterval and ClientAliveCountMax", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": ["sshd_set_idle_timeout", "sshd_idle_timeout_value=5_minutes", "sshd_set_keepalive", "var_sshd_set_keepalive=0"], "rules": [], "controls": []}, {"id": "SLES-15-600150150", "levels": ["medium"], "notes": "", "title": "Disable sshd Forwarding", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_disable_tcp_forwarding"], "controls": []}, {"id": "SLES-15-600150165", "levels": ["medium"], "notes": "", "title": "Disable sshd GSSAPIAuthentication", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_disable_gssapi_auth"], "controls": []}, {"id": "SLES-15-600150180", "levels": ["medium"], "notes": "", "title": "Disable sshd HostbasedAuthentication", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["disable_host_auth"], "controls": []}, {"id": "SLES-15-600150195", "levels": ["medium"], "notes": "", "title": "Enable sshd IgnoreRhosts", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_disable_rhosts"], "controls": []}, {"id": "SLES-15-600150210", "levels": ["medium"], "notes": "", "title": "Configure sshd LoginGraceTime", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_set_login_grace_time", "var_sshd_set_login_grace_time=60"], "controls": []}, {"id": "SLES-15-600150225", "levels": ["medium"], "notes": "", "title": "Configure sshd LogLevel", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_set_loglevel_verbose"], "controls": []}, {"id": "SLES-15-600150240", "levels": ["medium"], "notes": "", "title": "Configure sshd MaxAuthTries", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_set_max_auth_tries", "sshd_max_auth_tries_value=4"], "controls": []}, {"id": "SLES-15-600150255", "levels": ["medium"], "notes": "", "title": "Configure sshd MaxStartups", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_set_maxstartups", "var_sshd_set_maxstartups=10:30:60"], "controls": []}, {"id": "SLES-15-600150270", "levels": ["medium"], "notes": "", "title": "Configure sshd MaxSession", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_set_max_sessions", "var_sshd_max_sessions=10"], "controls": []}, {"id": "SLES-15-600150285", "levels": ["high"], "notes": "", "title": "Disable sshd PermitEmptyPasswords", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_disable_empty_passwords"], "controls": []}, {"id": "SLES-15-600150300", "levels": ["medium"], "notes": "", "title": "Disable sshd PermitRootLogin", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_disable_root_login"], "controls": []}, {"id": "SLES-15-600150315", "levels": ["medium"], "notes": "", "title": "Disable sshd PermitUserEnvironment", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_do_not_permit_user_env"], "controls": []}, {"id": "SLES-15-600150330", "levels": ["medium"], "notes": "", "title": "Enable sshd PAM", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_enable_pam"], "controls": []}, {"id": "SLES-15-600150345", "levels": ["medium"], "notes": "", "title": "Disable SSH Support for User Known Hosts", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_disable_user_known_hosts"], "controls": []}, {"id": "SLES-15-600150360", "levels": ["medium"], "notes": "", "title": "Disable X11 Forwarding", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_disable_x11_forwarding"], "controls": []}, {"id": "SLES-15-600150375", "levels": ["medium"], "notes": "", "title": "Enable Use of Strict Mode Checking", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_enable_strictmodes"], "controls": []}, {"id": "SLES-15-600150390", "levels": ["medium"], "notes": "", "title": "Enable SSH Print Last Log", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_print_last_log"], "controls": []}, {"id": "SLES-15-600150405", "levels": ["high"], "notes": "", "title": "Allow Only SSH Protocol 2", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_allow_only_protocol2"], "controls": []}, {"id": "SLES-15-600150435", "levels": ["medium"], "notes": "", "title": "Disable Kerberos Authentication", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_disable_kerb_auth"], "controls": []}, {"id": "SLES-15-600300015", "levels": ["medium"], "notes": "", "title": "Install sudo Package", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_sudo_installed"], "controls": []}, {"id": "SLES-15-600300030", "levels": ["medium"], "notes": "", "title": "Ensure Only Users Logged In To Real tty Can Execute Sudo", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sudo_add_use_pty"], "controls": []}, {"id": "SLES-15-600300045", "levels": ["low"], "notes": "", "title": "Configure a sudo Custom logfile", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sudo_custom_logfile", "var_sudo_logfile=var_log_sudo_log"], "controls": []}, {"id": "SLES-15-600300060", "levels": ["medium"], "notes": "", "title": "Ensure Users Re-Authenticate for Privilege Escalation - sudo", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sudo_require_authentication"], "controls": []}, {"id": "SLES-15-600300075", "levels": ["medium"], "notes": "", "title": "Require Re-Authentication When Using the sudo Command", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sudo_require_reauthentication"], "controls": []}, {"id": "SLES-15-600300090", "levels": ["medium"], "notes": "", "title": "Configure sudo authentication timeout", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sudo_require_reauthentication", "var_sudo_timestamp_timeout=15_minutes"], "controls": []}, {"id": "SLES-15-600300105", "levels": ["medium"], "notes": "", "title": "Restrict access to the su command", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["ensure_pam_wheel_group_empty", "use_pam_wheel_group_for_su", "var_pam_wheel_group_for_su=cis"], "controls": []}, {"id": "SLES-15-600300120", "levels": ["medium"], "notes": "", "title": "The operating system must restrict privilege elevation to authorized personnel", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sudo_restrict_privilege_elevation_to_authorized"], "controls": []}, {"id": "SLES-15-600300135", "levels": ["medium"], "notes": "", "title": "Ensure sudo only includes the default configuration directory", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sudoers_default_includedir"], "controls": []}, {"id": "SLES-15-600300150", "levels": ["medium"], "notes": "", "title": "Ensure sudo Runs In A Minimal Environment - sudo env_reset", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sudo_add_env_reset"], "controls": []}, {"id": "SLES-15-600300165", "levels": ["medium"], "notes": "", "title": "Ensure sudo Ignores Commands In Current Dir - sudo ignore_dot", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sudo_add_ignore_dot"], "controls": []}, {"id": "SLES-15-600300180", "levels": ["high"], "notes": "", "title": "Ensure Privileged Escalated Commands Cannot Execute Other Commands - sudo NOEXEC", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sudo_add_noexec"], "controls": []}, {"id": "SLES-15-600300195", "levels": ["medium"], "notes": "", "title": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo requiretty", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sudo_add_requiretty"], "controls": []}, {"id": "SLES-15-600300210", "levels": ["medium"], "notes": "", "title": "Ensure sudo umask is appropriate - sudo umask", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sudo_add_umask"], "controls": []}, {"id": "SLES-15-600300225", "levels": ["medium"], "notes": "", "title": "Ensure a dedicated group owns sudo", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sudo_dedicated_group"], "controls": []}, {"id": "SLES-15-600300240", "levels": ["medium"], "notes": "", "title": "Explicit arguments in sudo specifications", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sudoers_explicit_command_args"], "controls": []}, {"id": "SLES-15-600300255", "levels": ["medium"], "notes": "", "title": "Don't define allowed commands in sudoers by means of exclusion", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sudoers_no_command_negation"], "controls": []}, {"id": "SLES-15-600300270", "levels": ["medium"], "notes": "", "title": "Don't target root user in the sudoers file", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sudoers_no_root_target"], "controls": []}, {"id": "SLES-15-600450030", "levels": ["medium"], "notes": "", "title": "Configure lockout for failed password attempts", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_passwords_pam_faillock_deny", "var_accounts_passwords_pam_faillock_deny=5"], "controls": []}, {"id": "SLES-15-600450045", "levels": ["medium"], "notes": "", "title": "Configure password unlock time", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_passwords_pam_faillock_unlock_time", "var_accounts_passwords_pam_faillock_unlock_time=900"], "controls": []}, {"id": "SLES-15-600450060", "levels": ["medium"], "notes": "", "title": "Configure the root Account for Failed Password Attempts", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_passwords_pam_faillock_deny_root"], "controls": []}, {"id": "SLES-15-600450090", "levels": ["medium"], "notes": "", "title": "Configure password number of changed characters", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["cracklib_accounts_password_pam_difok", "var_password_pam_difok=2"], "controls": []}, {"id": "SLES-15-600450105", "levels": ["medium"], "notes": "", "title": "Configure password length", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_password_pam_minlen", "var_password_pam_minlen=14"], "controls": []}, {"id": "SLES-15-600450120", "levels": ["medium"], "notes": "", "title": "Configure password complexity", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["cracklib_accounts_password_pam_lcredit", "cracklib_accounts_password_pam_dcredit", "cracklib_accounts_password_pam_ucredit", "cracklib_accounts_password_pam_ocredit", "var_password_pam_dcredit=1", "var_password_pam_ucredit=1", "var_password_pam_lcredit=1", "var_password_pam_ocredit=1"], "controls": []}, {"id": "SLES-15-600450180", "levels": ["medium"], "notes": "", "title": "Configure password history remember", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_password_pam_pwhistory_remember", "var_password_pam_remember=5"], "controls": []}, {"id": "SLES-15-600450225", "levels": ["high"], "notes": "", "title": "Prevent Login to Accounts With Empty Password", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["no_empty_passwords"], "controls": []}, {"id": "SLES-15-600450255", "levels": ["medium"], "notes": "", "title": "Set PAM's Password Hashing Algorithm", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["set_password_hashing_algorithm_passwordauth", "set_password_hashing_algorithm_systemauth", "var_password_hashing_algorithm_pam=sha512"], "controls": []}, {"id": "SLES-15-600600015", "levels": ["medium"], "notes": "", "title": "Configure password expiration", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_maximum_age_login_defs", "accounts_password_set_max_life_existing", "var_accounts_maximum_age_login_defs=365"], "controls": []}, {"id": "SLES-15-600600030", "levels": ["medium"], "notes": "", "title": "Configure minimum password days", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_password_set_min_life_existing", "accounts_minimum_age_login_defs", "var_accounts_minimum_age_login_defs=1"], "controls": []}, {"id": "SLES-15-600600045", "levels": ["medium"], "notes": "", "title": "Configure password expiration warning days", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_password_warn_age_login_defs", "accounts_password_set_warn_age_existing", "var_accounts_password_warn_age_login_defs=7"], "controls": []}, {"id": "SLES-15-600600060", "levels": ["medium"], "notes": "", "title": "Configure strong password hashing algorithm", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_password_all_shadowed_sha512", "set_password_hashing_algorithm_logindefs"], "controls": []}, {"id": "SLES-15-600600075", "levels": ["medium"], "notes": "", "title": "Configure inactive password lock", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_set_post_pw_existing", "account_disable_post_pw_expiration", "var_account_disable_post_pw_expiration=30"], "controls": []}, {"id": "SLES-15-600600090", "levels": ["medium"], "notes": "", "title": "Ensure all users last password change date is in the past", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_password_last_change_is_in_past"], "controls": []}, {"id": "SLES-15-600600105", "levels": ["high"], "notes": "", "title": "Verify Only Root Has UID 0", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_no_uid_except_zero"], "controls": []}, {"id": "SLES-15-600600120", "levels": ["high"], "notes": "", "title": "Verify Root Has A Primary GID 0", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_root_gid_zero"], "controls": []}, {"id": "SLES-15-600600135", "levels": ["high"], "notes": "", "title": "Verify Only Group Root Has GID 0", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["groups_no_zero_gid_except_root"], "controls": []}, {"id": "SLES-15-600600150", "levels": ["medium"], "notes": "", "title": "Ensure Authentication Required for with Single User Mode", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["ensure_root_password_configured"], "controls": []}, {"id": "SLES-15-600600165", "levels": ["medium"], "notes": "", "title": "Verify root path integrity", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_root_path_dirs_no_write", "root_path_no_dot"], "controls": []}, {"id": "SLES-15-600600180", "levels": ["medium"], "notes": "", "title": "Ensure the Root Bash Umask is Set Correctly", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_umask_root"], "controls": []}, {"id": "SLES-15-600600195", "levels": ["medium"], "notes": "", "title": "Verify system accounts do not have a valid login shell", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["no_shelllogin_for_systemaccounts", "no_password_auth_for_systemaccounts"], "controls": []}, {"id": "SLES-15-600600210", "levels": ["medium"], "notes": "", "title": "Verify Non-Interactive Accounts Are Locked", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["no_invalid_shell_accounts_unlocked"], "controls": []}, {"id": "SLES-15-600600215", "levels": ["medium"], "notes": "", "title": "Only Authorized Local User Accounts Exist on Operating System", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_authorized_local_users", "var_accounts_authorized_local_users_regex=sle15"], "controls": []}, {"id": "SLES-15-600600225", "levels": ["medium"], "notes": "", "title": "Ensure nologin Shell is Not Listed in /etc/shells", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["no_nologin_in_shells"], "controls": []}, {"id": "SLES-15-600600240", "levels": ["medium"], "notes": "", "title": "Configure default user shell timeout", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_tmout", "var_accounts_tmout=15_min"], "controls": []}, {"id": "SLES-15-600600255", "levels": ["medium"], "notes": "", "title": "Configure default user umask", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_umask_etc_bashrc", "accounts_umask_etc_login_defs", "accounts_umask_etc_profile", "var_accounts_user_umask=027"], "controls": []}, {"id": "SLES-15-600600270", "levels": ["medium"], "notes": "", "title": "Ensure Home Directories are Created for New Users", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_have_homedir_login_defs"], "controls": []}, {"id": "SLES-15-600600285", "levels": ["low"], "notes": "", "title": "Limit the Number of Concurrent Login Sessions Allowed Per User", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_max_concurrent_login_sessions"], "controls": []}, {"id": "SLES-15-600600300", "levels": ["medium"], "notes": "", "title": "Ensure that Users Path Contains Only Local Directories", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_user_home_paths_only"], "controls": []}, {"id": "SLES-15-600600315", "levels": ["medium"], "notes": "", "title": "Install Smart Card Packages For Multifactor Authentication", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["install_smartcard_packages"], "controls": []}, {"id": "SLES-15-600600330", "levels": ["medium"], "notes": "", "title": "Enable Smart Card Logins in PAM", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["smartcard_pam_enabled"], "controls": []}, {"id": "SLES-15-600600345", "levels": ["medium"], "notes": "", "title": "Configure Smart Card Certificate Authority Validation", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["smartcard_configure_ca"], "controls": []}, {"id": "SLES-15-600600360", "levels": ["medium"], "notes": "", "title": "Title", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["smartcard_configure_cert_checking"], "controls": []}, {"id": "SLES-15-750150015", "levels": ["medium"], "notes": "", "title": "Install AIDE", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["aide_build_database", "package_aide_installed"], "controls": []}, {"id": "SLES-15-750150030", "levels": ["medium"], "notes": "", "title": "Configure Systemd Timer Execution of AIDE", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["aide_periodic_checking_systemd_timer"], "controls": []}, {"id": "SLES-15-750150045", "levels": ["medium"], "notes": "", "title": "Configure AIDE to Verify the Audit Tools", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["aide_check_audit_tools"], "controls": []}, {"id": "SLES-15-750300015", "levels": ["medium"], "notes": "", "title": "Enable systemd-journald Service", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_systemd-journald_enabled"], "controls": []}, {"id": "SLES-15-750300030", "levels": ["medium"], "notes": "", "title": "Configure journald log file access", "description": null, "rationale": null, "automated": "no", "status": "manual", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": [], "controls": []}, {"id": "SLES-15-750300045", "levels": ["medium"], "notes": "", "title": "Configure ournald log file rotation", "description": null, "rationale": null, "automated": "no", "status": "manual", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": [], "controls": []}, {"id": "SLES-15-750300060", "levels": ["medium"], "notes": "", "title": "Ensure One Logging Service Is In Use", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["logging_services_active"], "controls": []}, {"id": "SLES-15-750300075", "levels": ["medium"], "notes": "", "title": "Install systemd-journal-remote", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_systemd-journal-remote_installed"], "controls": []}, {"id": "SLES-15-750300090", "levels": ["medium"], "notes": "", "title": "Configure systemd-journal-upload authentication", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["systemd_journal_upload_server_tls", "systemd_journal_upload_url"], "controls": []}, {"id": "SLES-15-750300105", "levels": ["medium"], "notes": "", "title": "Enable systemd-journal-upload Service", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_systemd-journal-upload_enabled"], "controls": []}, {"id": "SLES-15-750300120", "levels": ["medium"], "notes": "", "title": "Disable systemd-journal-remote Socket", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["socket_systemd-journal-remote_disabled"], "controls": []}, {"id": "SLES-15-750300135", "levels": ["medium"], "notes": "", "title": "Disable journald ForwardToSyslog", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["journald_disable_forward_to_syslog"], "controls": []}, {"id": "SLES-15-750300150", "levels": ["medium"], "notes": "", "title": "Configure journald Compress", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["journald_compress"], "controls": []}, {"id": "SLES-15-750300165", "levels": ["medium"], "notes": "", "title": "Configure journald Storage", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["journald_storage"], "controls": []}, {"id": "SLES-15-750300180", "levels": ["medium"], "notes": "", "title": "Verify Logs Sent To Remote Host", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["rsyslog_remote_loghost"], "controls": []}, {"id": "SLES-15-750300195", "levels": ["medium"], "notes": "", "title": "Ensure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["rsyslog_nolisten"], "controls": []}, {"id": "SLES-15-750300210", "levels": ["medium"], "notes": "", "title": "Ensure rsyslog is Installed", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_rsyslog_installed"], "controls": []}, {"id": "SLES-15-750300225", "levels": ["medium"], "notes": "", "title": "Enable rsyslog Service", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_rsyslog_enabled"], "controls": []}, {"id": "SLES-15-750300240", "levels": ["medium"], "notes": "", "title": "Configure journald to send logs to rsyslog", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["journald_forward_to_syslog"], "controls": []}, {"id": "SLES-15-750300255", "levels": ["medium"], "notes": "", "title": "Configure rsyslog Default File Permissions", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["rsyslog_filecreatemode"], "controls": []}, {"id": "SLES-15-750300270", "levels": ["medium"], "notes": "", "title": "Configure rsyslog logging", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["rsyslog_logging_configured"], "controls": []}, {"id": "SLES-15-750300285", "levels": ["medium"], "notes": "", "title": "Configure rsyslog logrotate", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["timer_logrotate_enabled", "package_logrotate_installed", "ensure_logrotate_activated"], "controls": []}, {"id": "SLES-15-750300300", "levels": ["medium"], "notes": "", "title": "Configure access to all logfiles has been", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["rsyslog_files_permissions", "rsyslog_files_ownership", "rsyslog_files_groupownership"], "controls": []}, {"id": "SLES-15-750450015", "levels": ["medium"], "notes": "", "title": "Ensure the audit Subsystem is Installed", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_audit-libs_installed", "package_audit_installed"], "controls": []}, {"id": "SLES-15-750450030", "levels": ["low"], "notes": "", "title": "Enable Auditing for Processes Which Start Prior to the Audit Daemon", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["grub2_audit_argument"], "controls": []}, {"id": "SLES-15-750450045", "levels": ["low"], "notes": "", "title": "Extend Audit Backlog Limit for the Audit Daemon", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["grub2_audit_backlog_limit_argument", "var_audit_backlog_limit=8192"], "controls": []}, {"id": "SLES-15-750450060", "levels": ["medium"], "notes": "", "title": "Enable auditd Service", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_auditd_enabled"], "controls": []}, {"id": "SLES-15-750450075", "levels": ["medium"], "notes": "", "title": "Configure auditd Max Log File Size", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["auditd_data_retention_max_log_file", "var_auditd_max_log_file=6"], "controls": []}, {"id": "SLES-15-750450090", "levels": ["medium"], "notes": "", "title": "Configure auditd max_log_file_action Upon Reaching Maximum Log Size", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["auditd_data_retention_max_log_file_action", "var_auditd_max_log_file_action=keep_logs"], "controls": []}, {"id": "SLES-15-750450105", "levels": ["medium"], "notes": "", "title": "Disable the system when audit logs are full", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["auditd_data_retention_space_left_action", "auditd_data_retention_action_mail_acct", "auditd_data_retention_admin_space_left_action", "var_auditd_space_left_action=email", "var_auditd_action_mail_acct=root", "var_auditd_admin_space_left_action=halt"], "controls": []}, {"id": "SLES-15-750450120", "levels": ["medium"], "notes": "", "title": "Configure auditd mail_acct Action on Low Disk Space", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["auditd_data_retention_space_left_action", "auditd_data_retention_action_mail_acct", "auditd_data_retention_admin_space_left_action", "var_auditd_action_mail_acct=root", "var_auditd_admin_space_left_action=cis_sle15", "var_auditd_space_left_action=cis_sle15"], "controls": []}, {"id": "SLES-15-750450135", "levels": ["medium"], "notes": "", "title": "Ensure auditd Collects System Administrator Actions", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_sysadmin_actions"], "controls": []}, {"id": "SLES-15-750450150", "levels": ["medium"], "notes": "", "title": "Record Events When Executables Are Run As Another User", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_suid_auid_privilege_function"], "controls": []}, {"id": "SLES-15-750450165", "levels": ["medium"], "notes": "", "title": "Record Attempts to perform maintenance activities", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_sudo_log_events"], "controls": []}, {"id": "SLES-15-750450180", "levels": ["medium"], "notes": "", "title": "Record attempts to alter the date and time", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_time_settimeofday", "audit_rules_time_adjtimex", "audit_rules_time_watch_localtime", "audit_rules_time_stime"], "controls": []}, {"id": "SLES-15-750450195", "levels": ["medium"], "notes": "", "title": "Record Events that Modify the System's Network Environment", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_networkconfig_modification"], "controls": []}, {"id": "SLES-15-750450210", "levels": ["medium"], "notes": "", "title": "Record Events of Use of Privileged Commands", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_privileged_commands"], "controls": []}, {"id": "SLES-15-750450225", "levels": ["medium"], "notes": "", "title": "Record Events of unsuccessful file access attempts", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_unsuccessful_file_modification_open", "audit_rules_unsuccessful_file_modification_openat", "audit_rules_unsuccessful_file_modification_creat", "audit_rules_unsuccessful_file_modification_truncate", "audit_rules_unsuccessful_file_modification_ftruncate"], "controls": []}, {"id": "SLES-15-750450240", "levels": ["medium"], "notes": "", "title": "Record Events that modify user/group information", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_usergroup_modification_shadow", "audit_rules_usergroup_modification_group", "audit_rules_usergroup_modification_passwd", "audit_rules_usergroup_modification_gshadow", "audit_rules_usergroup_modification_opasswd"], "controls": []}, {"id": "SLES-15-750450255", "levels": ["medium"], "notes": "", "title": "Record Events of discretionary access control permission modification", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_dac_modification_chmod", "audit_rules_dac_modification_chown", "audit_rules_dac_modification_setxattr", "audit_rules_dac_modification_fsetxattr", "audit_rules_dac_modification_removexattr", "audit_rules_dac_modification_lremovexattr", "audit_rules_dac_modification_fchown", "audit_rules_dac_modification_lsetxattr", "audit_rules_dac_modification_fchmodat", "audit_rules_dac_modification_fchmod", "audit_rules_dac_modification_fchownat", "audit_rules_dac_modification_fremovexattr", "audit_rules_dac_modification_lchown"], "controls": []}, {"id": "SLES-15-750450270", "levels": ["medium"], "notes": "", "title": "Ensure auditd Collects Information on Exporting to Media (successful)", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_media_export"], "controls": []}, {"id": "SLES-15-750450285", "levels": ["medium"], "notes": "", "title": "Record Attempts to Alter Process and Session Initiation Information", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_session_events"], "controls": []}, {"id": "SLES-15-750450300", "levels": ["medium"], "notes": "", "title": "Record Attempts to Alter Logon and Logout Events", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_login_events_lastlog", "audit_rules_login_events_tallylog", "audit_rules_login_events_faillog"], "controls": []}, {"id": "SLES-15-750450315", "levels": ["medium"], "notes": "", "title": "Ensure auditd Collects File Deletion Events by User", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_file_deletion_events_renameat", "audit_rules_file_deletion_events_rename", "audit_rules_file_deletion_events_unlinkat", "audit_rules_file_deletion_events_unlink"], "controls": []}, {"id": "SLES-15-750450330", "levels": ["medium"], "notes": "", "title": "Record Events that Modify the System''s Mandatory Access Controls", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_mac_modification", "audit_rules_mac_modification_usr_share"], "controls": []}, {"id": "SLES-15-750450345", "levels": ["medium"], "notes": "", "title": "Record Any Attempts to Run chcon", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_execution_chcon"], "controls": []}, {"id": "SLES-15-750450360", "levels": ["medium"], "notes": "", "title": "Record Any Attempts to Run setfacl", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_execution_setfacl"], "controls": []}, {"id": "SLES-15-750450375", "levels": ["medium"], "notes": "", "title": "Record Any Attempts to Run chacl", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_execution_chacl"], "controls": []}, {"id": "SLES-15-750450390", "levels": ["medium"], "notes": "", "title": "Ensure auditd Collects Information on the Use of Privileged Commands - usermod", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_privileged_commands_usermod"], "controls": []}, {"id": "SLES-15-750450405", "levels": ["medium"], "notes": "", "title": "Ensure auditd Collects Information on the Use of Privileged Commands", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_privileged_commands_insmod", "audit_rules_kernel_module_loading", "audit_rules_kernel_module_loading_delete", "audit_rules_kernel_module_loading_init", "audit_rules_privileged_commands_rmmod", "audit_rules_privileged_commands_modprobe"], "controls": []}, {"id": "SLES-15-750450420", "levels": ["medium"], "notes": "", "title": "Make the auditd Configuration Immutable", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_immutable"], "controls": []}, {"id": "SLES-15-750450435", "levels": ["medium"], "notes": "", "title": "Verify that the running and on disk configuration is the same", "description": null, "rationale": null, "automated": "no", "status": "manual", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": [], "controls": []}, {"id": "SLES-15-750450450", "levels": ["medium"], "notes": "", "title": "Remove Default Configuration to Disable Syscall Auditing", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_enable_syscall_auditing"], "controls": []}, {"id": "SLES-15-750450465", "levels": ["medium"], "notes": "", "title": "Ensure auditd Collects Information on the Use of Privileged Commands - chage", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_privileged_commands_chage"], "controls": []}, {"id": "SLES-15-750450480", "levels": ["medium"], "notes": "", "title": "Ensure auditd Collects Information on the Use of Privileged Commands - chfn", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_privileged_commands_chfn"], "controls": []}, {"id": "SLES-15-750450495", "levels": ["medium"], "notes": "", "title": "Ensure auditd Collects Information on the Use of Privileged Commands - chsh", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_privileged_commands_chsh"], "controls": []}, {"id": "SLES-15-750450510", "levels": ["medium"], "notes": "", "title": "Ensure auditd Collects Information on the Use of Privileged Commands - crontab", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_privileged_commands_crontab"], "controls": []}, {"id": "SLES-15-750450525", "levels": ["medium"], "notes": "", "title": "Ensure auditd Collects Information on the Use of Privileged Commands - newgrp", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_privileged_commands_newgrp"], "controls": []}, {"id": "SLES-15-750450540", "levels": ["medium"], "notes": "", "title": "System Audit Logs Must Have Mode 0750 or Less Permissive", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["directory_permissions_var_log_audit"], "controls": []}, {"id": "SLES-15-750450555", "levels": ["medium"], "notes": "", "title": "System Audit Logs Must Have Mode 0640 or Less Permissive", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_permissions_var_log_audit"], "controls": []}, {"id": "SLES-15-750450570", "levels": ["medium"], "notes": "", "title": "System Audit Logs Must Be Owned By Root", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_ownership_var_log_audit_stig"], "controls": []}, {"id": "SLES-15-750450585", "levels": ["medium"], "notes": "", "title": "System Audit Logs Must Be Group Owned By Root", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_group_ownership_var_log_audit"], "controls": []}, {"id": "SLES-15-750450600", "levels": ["medium"], "notes": "", "title": "Audit Configuration Files Permissions are 640 or More Restrictive", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_permissions_audit_configuration"], "controls": []}, {"id": "SLES-15-750450615", "levels": ["medium"], "notes": "", "title": "Audit Configuration Files Must Be Owned By Root", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_ownership_audit_configuration"], "controls": []}, {"id": "SLES-15-750450630", "levels": ["medium"], "notes": "", "title": "Audit Configuration Files Must Be Owned By Group root", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_groupownership_audit_configuration"], "controls": []}, {"id": "SLES-15-750450645", "levels": ["medium"], "notes": "", "title": "Verify that audit tools Have Mode 0755 or less", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_permissions_audit_binaries"], "controls": []}, {"id": "SLES-15-750450660", "levels": ["medium"], "notes": "", "title": "Verify that audit tools are owned by root", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_ownership_audit_binaries"], "controls": []}, {"id": "SLES-15-750450675", "levels": ["medium"], "notes": "", "title": "Verify that audit tools are owned by group root", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_groupownership_audit_binaries"], "controls": []}, {"id": "SLES-15-750450690", "levels": ["medium"], "notes": "", "title": "Record Any Attempts to Run ssh-agent", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_privileged_commands_ssh_agent"], "controls": []}, {"id": "SLES-15-750450705", "levels": ["medium"], "notes": "", "title": "Ensure auditd Collects Information on the Use of Privileged Commands - ssh-keysign", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_privileged_commands_ssh_keysign"], "controls": []}, {"id": "SLES-15-900150000", "levels": ["high"], "notes": "", "title": "Verify and Correct File Permissions and Ownership with RPM", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["rpm_verify_ownership", "rpm_verify_permissions"], "controls": []}, {"id": "SLES-15-900150015", "levels": ["medium"], "notes": "", "title": "Configure access to /etc/passwd", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_owner_etc_passwd", "file_groupowner_etc_gshadow", "file_permissions_etc_gshadow", "file_groupowner_etc_passwd", "file_owner_etc_gshadow", "file_permissions_etc_passwd"], "controls": []}, {"id": "SLES-15-900150030", "levels": ["medium"], "notes": "", "title": "Configure access to /etc/passwd-", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_owner_backup_etc_gshadow", "file_permissions_backup_etc_gshadow", "file_owner_backup_etc_passwd", "file_permissions_backup_etc_passwd", "file_groupowner_backup_etc_passwd", "file_groupowner_backup_etc_gshadow"], "controls": []}, {"id": "SLES-15-900150045", "levels": ["medium"], "notes": "", "title": "Configure access to /etc/group", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_owner_etc_group", "file_groupowner_etc_group", "file_permissions_etc_group"], "controls": []}, {"id": "SLES-15-900150060", "levels": ["medium"], "notes": "", "title": "Configure access to /etc/group-", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_owner_backup_etc_group", "file_groupowner_backup_etc_group", "file_permissions_backup_etc_group"], "controls": []}, {"id": "SLES-15-900150075", "levels": ["medium"], "notes": "", "title": "Configure access to /etc/shadow", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_groupowner_etc_shadow", "file_permissions_etc_shadow", "file_owner_etc_shadow"], "controls": []}, {"id": "SLES-15-900150090", "levels": ["medium"], "notes": "", "title": "Configure access to /etc/shadow-", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_owner_backup_etc_shadow", "file_groupowner_backup_etc_shadow", "file_permissions_backup_etc_shadow"], "controls": []}, {"id": "SLES-15-900150105", "levels": ["medium"], "notes": "", "title": "Configure access to /etc/gshadow", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_permissions_etc_gshadow", "file_groupowner_etc_gshadow", "file_owner_etc_gshadow"], "controls": []}, {"id": "SLES-15-900150120", "levels": ["medium"], "notes": "", "title": "Configure access to /etc/gshadow-", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_permissions_backup_etc_gshadow", "file_groupowner_backup_etc_gshadow", "file_owner_backup_etc_gshadow"], "controls": []}, {"id": "SLES-15-900150135", "levels": ["medium"], "notes": "", "title": "Configure access to /etc/shells", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_groupowner_etc_shells", "file_owner_etc_shells", "file_permissions_etc_shells"], "controls": []}, {"id": "SLES-15-900150150", "levels": ["medium"], "notes": "", "title": "Configure access to /etc/security/opasswd", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_groupowner_etc_security_opasswd_old", "file_owner_etc_security_opasswd_old", "file_owner_etc_security_opasswd", "file_permissions_etc_security_opasswd", "file_groupowner_etc_security_opasswd", "file_permissions_etc_security_opasswd_old"], "controls": []}, {"id": "SLES-15-900150165", "levels": ["medium"], "notes": "", "title": "Verify that No World-Writable Files Exist", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_permissions_unauthorized_world_writable"], "controls": []}, {"id": "SLES-15-900150180", "levels": ["medium"], "notes": "", "title": "Verify that All Files Are Owned by a User", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["no_files_unowned_by_user"], "controls": []}, {"id": "SLES-15-900150195", "levels": ["medium"], "notes": "", "title": "Ensure All SUID Executables Are Authorized", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_permissions_unauthorized_suid"], "controls": []}, {"id": "SLES-15-900150210", "levels": ["medium"], "notes": "", "title": "Verify access to /etc/ipsec", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["directory_owner_etc_ipsecd", "directory_groupowner_etc_ipsecd", "file_groupowner_etc_ipsec_secrets", "directory_permissions_etc_ipsecd", "file_groupowner_etc_ipsec_conf"], "controls": []}, {"id": "SLES-15-900150225", "levels": ["medium"], "notes": "", "title": "Verify access to /etc/nftables", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["directory_groupowner_etc_nftables", "directory_permissions_etc_nftables", "directory_owner_etc_nftables"], "controls": []}, {"id": "SLES-15-900150240", "levels": ["medium"], "notes": "", "title": "Verify access to /etc/selinux", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["directory_groupowner_etc_selinux", "directory_owner_etc_selinux", "directory_permissions_etc_selinux"], "controls": []}, {"id": "SLES-15-900150255", "levels": ["medium"], "notes": "", "title": "Verify access to /etc/sudoers.d", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["directory_owner_etc_sudoersd", "directory_groupowner_etc_sudoersd", "directory_permissions_etc_sudoersd"], "controls": []}, {"id": "SLES-15-900150270", "levels": ["medium"], "notes": "", "title": "Verify access to /etc/sysctl.d", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["directory_groupowner_etc_sysctld", "directory_owner_etc_sysctld", "directory_permissions_etc_sysctld"], "controls": []}, {"id": "SLES-15-900300015", "levels": ["medium"], "notes": "", "title": "Verify All Account Password Hashes are Shadowed", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_password_all_shadowed"], "controls": []}, {"id": "SLES-15-900300030", "levels": ["medium"], "notes": "", "title": "Verify that /etc/shadow password fields are not empty", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["no_legacy_plus_entries_etc_shadow", "no_legacy_plus_entries_etc_passwd"], "controls": []}, {"id": "SLES-15-900300045", "levels": ["low"], "notes": "", "title": "Verify that all groups in /etc/passwd exist in /etc/group", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["gid_passwd_group_same"], "controls": []}, {"id": "SLES-15-900300060", "levels": ["medium"], "notes": "", "title": "Verify that no duplicate UIDs exist", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["account_unique_id"], "controls": []}, {"id": "SLES-15-900300075", "levels": ["medium"], "notes": "", "title": "Verify that no duplicate GIDs exist", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["group_unique_id"], "controls": []}, {"id": "SLES-15-900300090", "levels": ["medium"], "notes": "", "title": "Verify that no duplicate user names exist", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["account_unique_name"], "controls": []}, {"id": "SLES-15-900300105", "levels": ["medium"], "notes": "", "title": "Verify that no duplicate group names exist", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["group_unique_name"], "controls": []}, {"id": "SLES-15-900300120", "levels": ["medium"], "notes": "", "title": "Configure local interactive user home directories", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_ownership_home_directories", "accounts_user_interactive_home_directory_exists", "file_permissions_home_directories", "file_groupownership_home_directories"], "controls": []}, {"id": "SLES-15-900300135", "levels": ["medium"], "notes": "", "title": "Configure local interactive user dot files access", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_user_dot_user_ownership", "file_permission_user_init_files", "no_netrc_files", "file_permission_user_bash_history", "accounts_user_dot_group_ownership", "no_rsh_trust_files", "no_forward_files", "var_user_initialization_files_regex=all_dotfiles"], "controls": []}], "levels": [{"id": "high", "inherits_from": null}, {"id": "medium", "inherits_from": null}, {"id": "low", "inherits_from": null}]}