{"id": "general_slmicro5", "policy": "General System Security Profile forSUSE Linux Enterprise Micro (SLEM) 5", "title": "General System Security Profile SUSE Linux Enterprise Micro (SLEM) 5", "source": "not_publicly_available", "definition_location": "/aptdata/openscap/scap-security-guide/controls/general_slmicro5.yml", "controls": [{"id": "SLEM-5-SET-01020000", "levels": ["low"], "notes": "", "title": "Ensure /tmp Located On Separate Partition", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["partition_for_tmp"], "controls": []}, {"id": "SLEM-5-SET-01040000", "levels": ["medium"], "notes": "", "title": "Add nodev Option to /tmp", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_tmp_nodev"], "controls": []}, {"id": "SLEM-5-SET-01050000", "levels": ["medium"], "notes": "", "title": "Add nosuid Option to /tmp", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_tmp_nosuid"], "controls": []}, {"id": "SLEM-5-SET-01060000", "levels": ["low"], "notes": "", "title": "Configure /dev/shm", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["partition_for_dev_shm"], "controls": []}, {"id": "SLEM-5-SET-01070000", "levels": ["medium"], "notes": "", "title": "Add noexec Option to /dev/shm", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_dev_shm_noexec"], "controls": []}, {"id": "SLEM-5-SET-01080000", "levels": ["medium"], "notes": "", "title": "Add nodev Option to /dev/shm", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_dev_shm_nodev"], "controls": []}, {"id": "SLEM-5-SET-01090000", "levels": ["medium"], "notes": "", "title": "Add nosuid Option to /dev/shm", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_dev_shm_nosuid"], "controls": []}, {"id": "SLEM-5-SET-01100000", "levels": ["medium"], "notes": "", "title": "Ensure /var Located On Separate Partition", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["partition_for_var"], "controls": []}, {"id": "SLEM-5-SET-01160000", "levels": ["medium"], "notes": "", "title": "Ensure /var/log/audit Located On Separate Partition", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["partition_for_var_log_audit"], "controls": []}, {"id": "SLEM-5-SET-01170000", "levels": ["medium"], "notes": "", "title": "Ensure /home Located On Separate Partition", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["partition_for_home"], "controls": []}, {"id": "SLEM-5-SET-01100000", "levels": ["medium"], "notes": "", "title": "Ensure /var Located On Separate Partition", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["partition_for_var"], "controls": []}, {"id": "SLEM-5-SET-01180000", "levels": ["medium"], "notes": "", "title": "Add nodev Option to /home", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_home_nodev"], "controls": []}, {"id": "SLEM-5-SET-01190000", "levels": ["medium"], "notes": "", "title": "Add noexec Option to Removable Media Partitions", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_noexec_removable_partitions"], "controls": []}, {"id": "SLEM-5-SET-01200000", "levels": ["medium"], "notes": "", "title": "Add nodev Option to Removable Media Partitions", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_nodev_removable_partitions"], "controls": []}, {"id": "SLEM-5-SET-01210000", "levels": ["medium"], "notes": "", "title": "Add nosuid Option to Removable Media Partitions", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["mount_option_nosuid_removable_partitions"], "controls": []}, {"id": "SLEM-5-SET-01220000", "levels": ["medium"], "notes": "", "title": "Verify that All World-Writable Directories Have Sticky Bits Set", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["dir_perms_world_writable_sticky_bits"], "controls": []}, {"id": "SLEM-5-SET-01240000", "levels": ["medium"], "notes": "", "title": "Disable Modprobe Loading of USB Storage Driver", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["kernel_module_usb-storage_disabled"], "controls": []}, {"id": "SLEM-5-SET-02010000", "levels": ["medium"], "notes": "", "title": "Configure GPG keys", "description": null, "rationale": null, "automated": "no", "status": "manual", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["ensure_GPG_keys_are_configured"], "controls": []}, {"id": "SLEM-5-SET-02020000", "levels": ["medium"], "notes": "", "title": "Configure package manager repositories", "description": null, "rationale": null, "automated": "no", "status": "manual", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["ensure_package_repositories_are_configured"], "controls": []}, {"id": "SLEM-5-SET-02030000", "levels": ["high"], "notes": "", "title": "Ensure gpgcheck Enabled In Main zypper Configuration", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["ensure_gpgcheck_globally_activated"], "controls": []}, {"id": "SLEM-5-SET-03010000", "levels": ["medium"], "notes": "", "title": "Install sudo Package", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_sudo_installed"], "controls": []}, {"id": "SLEM-5-SET-03020000", "levels": ["medium"], "notes": "", "title": "Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sudo_add_use_pty"], "controls": []}, {"id": "SLEM-5-SET-03030000", "levels": ["low"], "notes": "", "title": "Ensure Sudo Logfile Exists - sudo logfile", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sudo_custom_logfile", "var_sudo_logfile=var_log_sudo_log"], "controls": []}, {"id": "SLEM-5-SET-03030000", "levels": ["medium"], "notes": "", "title": "Configure grup.cfg Group/User Ownership and Permissions", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_owner_grub2_cfg", "file_permissions_grub2_cfg", "file_groupowner_grub2_cfg"], "controls": []}, {"id": "SLEM-5-SET-04010000", "levels": ["medium"], "notes": "", "title": "The AIDE package must be installed if it is to be available for integrity checking", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["aide_build_database", "package_aide_installed"], "controls": []}, {"id": "SLEM-5-SET-04020000", "levels": ["medium"], "notes": "", "title": "Configure Systemd Timer Execution of AIDE", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["aide_periodic_checking_systemd_timer"], "controls": []}, {"id": "SLEM-5-SET-05010000", "levels": ["high"], "notes": "", "title": "Set the Boot Loader Password", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["grub2_password", "grub2_uefi_password"], "controls": []}, {"id": "SLEM-5-SET-05030000", "levels": ["medium"], "notes": "", "title": "Require Authentication for Emergency and Single User mode", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["require_emergency_target_auth", "require_singleuser_auth"], "controls": []}, {"id": "SLEM-5-SET-06020000", "levels": ["medium"], "notes": "", "title": "Enable NX/XD Support", "description": null, "rationale": null, "automated": "partially", "status": "pending", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["install_PAE_kernel_on_x86-32", "bios_enable_execution_restrictions"], "controls": []}, {"id": "SLEM-5-SET-06030000", "levels": ["medium"], "notes": "", "title": "Enable Randomized Layout of Virtual Address Space", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_kernel_randomize_va_space"], "controls": []}, {"id": "SLEM-5-SET-08010100", "levels": ["medium"], "notes": "", "title": "Modify the System Message of the Day Banner", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["banner_etc_motd", "motd_banner_text=cis_banners"], "controls": []}, {"id": "SLEM-5-SET-08010200", "levels": ["medium"], "notes": "", "title": "Modify the System Login Banner", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["banner_etc_issue", "login_banner_text=cis_banners"], "controls": []}, {"id": "SLEM-5-SET-08010300", "levels": ["medium"], "notes": "", "title": "Modify the System Login Banner for Remote Connections", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["banner_etc_issue_net", "remote_login_banner_text=cis_banners"], "controls": []}, {"id": "SLEM-5-SET-08010400", "levels": ["medium"], "notes": "", "title": "Verify Ownership and Permissions of/on Message of the Day Banner", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_permissions_etc_motd", "file_owner_etc_motd", "file_groupowner_etc_motd"], "controls": []}, {"id": "SLEM-5-SET-08010500", "levels": ["medium"], "notes": "", "title": "Verify Ownership and Permissions of/on System Login Banner", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_groupowner_etc_issue", "file_owner_etc_issue", "file_permissions_etc_issue"], "controls": []}, {"id": "SLEM-5-SET-08010600", "levels": ["medium"], "notes": "", "title": "Verify Ownership and Permissions of/on System Login Banner for Remote Connections", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_groupowner_etc_issue_net", "file_owner_etc_issue_net", "file_permissions_etc_issue_net"], "controls": []}, {"id": "SLEM-5-SET-09000000", "levels": ["medium"], "notes": "", "title": "Ensure Software Patches Installed", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["security_patches_up_to_date"], "controls": []}, {"id": "SLEM-5-SER-01010000", "levels": ["low"], "notes": "", "title": "The xinetd package is uninstalled, and its service is disabled", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_xinetd_removed", "package_tcp_wrappers_removed", "service_xinetd_disabled"], "controls": []}, {"id": "SLEM-5-SER-02010100", "levels": ["medium"], "notes": "", "title": "The Chrony package is installed", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_chrony_installed"], "controls": []}, {"id": "SLEM-5-SER-02010300", "levels": ["medium"], "notes": "", "title": "Configure the Chrony", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["chronyd_configure_pool_and_server", "chronyd_run_as_chrony_user", "var_multiple_time_servers=suse", "var_multiple_time_pools=suse"], "controls": []}, {"id": "SLEM-5-SER-02030000", "levels": ["medium"], "notes": "", "title": "Uninstall Avahi Server", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_avahi-autoipd_removed", "package_avahi_removed", "service_avahi-daemon_disabled"], "controls": []}, {"id": "SLEM-5-SER-02040000", "levels": ["medium"], "notes": "", "title": "Uninstall CUPS", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_cups_disabled", "package_cups_removed"], "controls": []}, {"id": "SLEM-5-SER-02050000", "levels": ["medium"], "notes": "", "title": "Uninstall DHCP Server", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_dhcp_removed", "package_dhcp_client_removed", "service_dhcpd_disabled"], "controls": []}, {"id": "SLEM-5-SER-02060000", "levels": ["low"], "notes": "", "title": "Uninstall openldap-servers", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_openldap-servers_removed"], "controls": []}, {"id": "SLEM-5-SER-02070000", "levels": ["medium"], "notes": "", "title": "Uninstall nfs-utils", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_nfs_disabled", "package_nfs-utils_removed"], "controls": []}, {"id": "SLEM-5-SER-02080000", "levels": ["low"], "notes": "", "title": "Uninstall rpcbind", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_rpcbind_removed", "service_rpcbind_disabled"], "controls": []}, {"id": "SLEM-5-SER-02090000", "levels": ["medium"], "notes": "", "title": "Uninstall bind", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_named_disabled", "package_bind_removed"], "controls": []}, {"id": "SLEM-5-SER-02100000", "levels": ["medium"], "notes": "", "title": "Uninstall vsftpd", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_vsftpd_disabled", "package_vsftpd_removed"], "controls": []}, {"id": "SLEM-5-SER-02120000", "levels": ["medium"], "notes": "", "title": "Uninstall dovecot (IMAP/POP3)", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_dovecot_removed", "service_dovecot_disabled"], "controls": []}, {"id": "SLEM-5-SER-02130000", "levels": ["low"], "notes": "", "title": "Uninstall samba", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_samba_removed", "service_smb_disabled"], "controls": []}, {"id": "SLEM-5-SER-02150000", "levels": ["low"], "notes": "", "title": "Uninstall net-snmp", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_net-snmp_removed", "service_snmpd_disabled"], "controls": []}, {"id": "SLEM-5-SER-02170000", "levels": ["low"], "notes": "", "title": "Uninstall rsync", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_rsyncd_disabled"], "controls": []}, {"id": "SLEM-5-SER-02190000", "levels": ["high"], "notes": "", "title": "Uninstall telnet-server Package", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_telnet-server_removed"], "controls": []}, {"id": "SLEM-5-SER-03020000", "levels": ["medium"], "notes": "", "title": "Uninstall rsh", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_rsh_removed"], "controls": []}, {"id": "SLEM-5-SER-03030000", "levels": ["medium"], "notes": "", "title": "Uninstall talk", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_talk_removed"], "controls": []}, {"id": "SLEM-5-SER-04000000", "levels": ["medium"], "notes": "", "title": "Uninstall nonessential services", "description": null, "rationale": null, "automated": "no", "status": "manual", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": [], "controls": []}, {"id": "SLEM-5-NET-01010000", "levels": ["medium"], "notes": "", "title": "Disable IPv6", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["grub2_ipv6_disable_argument", "sysctl_net_ipv6_conf_all_disable_ipv6"], "controls": []}, {"id": "SLEM-5-NET-01020000", "levels": ["medium"], "notes": "", "title": "Deactivate Wireless Network Interfaces", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["wireless_disable_interfaces"], "controls": []}, {"id": "SLEM-5-NET-02010000", "levels": ["medium"], "notes": "", "title": "Disable IP Forwarding", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv4_conf_default_accept_source_route", "sysctl_net_ipv6_conf_all_forwarding", "sysctl_net_ipv4_ip_forward"], "controls": []}, {"id": "SLEM-5-NET-02020000", "levels": ["medium"], "notes": "", "title": "Disable Packet Redirect Sending", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv4_conf_default_send_redirects", "sysctl_net_ipv4_conf_all_send_redirects"], "controls": []}, {"id": "SLEM-5-NET-03010000", "levels": ["medium"], "notes": "", "title": "Disable forwarding source-routed packets", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv6_conf_all_accept_source_route", "sysctl_net_ipv4_conf_all_accept_source_route", "sysctl_net_ipv6_conf_default_accept_source_route"], "controls": []}, {"id": "SLEM-5-NET-03020000", "levels": ["medium"], "notes": "", "title": "Disable accepting Internet Control Message Protocol (ICMP) redirects", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv6_conf_all_accept_redirects", "sysctl_net_ipv6_conf_default_accept_redirects", "sysctl_net_ipv4_conf_all_accept_redirects"], "controls": []}, {"id": "SLEM-5-NET-03030000", "levels": ["medium"], "notes": "", "title": "Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv4_conf_default_accept_redirects"], "controls": []}, {"id": "SLEM-5-NET-03040000", "levels": ["medium"], "notes": "", "title": "Log suspicious packets on all IPv4 interfaces", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv4_conf_all_log_martians", "sysctl_net_ipv4_conf_default_log_martians", "sysctl_net_ipv4_conf_all_log_martians_value=enabled", "sysctl_net_ipv4_conf_default_log_martians_value=enabled"], "controls": []}, {"id": "SLEM-5-NET-03050000", "levels": ["medium"], "notes": "", "title": "Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv4_icmp_echo_ignore_broadcasts", "sysctl_net_ipv4_icmp_echo_ignore_broadcasts_value=enabled"], "controls": []}, {"id": "SLEM-5-NET-03060000", "levels": ["medium"], "notes": "", "title": "Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv4_icmp_ignore_bogus_error_responses", "sysctl_net_ipv4_icmp_ignore_bogus_error_responses_value=enabled"], "controls": []}, {"id": "SLEM-5-NET-03070000", "levels": ["medium"], "notes": "", "title": "Enable Reverse Path Filtering on all IPv4 Interfaces", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv4_conf_all_rp_filter", "sysctl_net_ipv4_conf_default_rp_filter", "sysctl_net_ipv4_conf_all_rp_filter_value=enabled", "sysctl_net_ipv4_conf_default_rp_filter_value=enabled"], "controls": []}, {"id": "SLEM-5-NET-03080000", "levels": ["medium"], "notes": "", "title": "Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv4_tcp_syncookies"], "controls": []}, {"id": "SLEM-5-NET-03090000", "levels": ["medium"], "notes": "", "title": "Disable Accepting Router Advertisements on all IPv6 Interfaces", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sysctl_net_ipv6_conf_all_accept_ra", "sysctl_net_ipv6_conf_default_accept_ra", "sysctl_net_ipv6_conf_all_accept_ra_value=disabled", "sysctl_net_ipv6_conf_default_accept_ra_value=disabled"], "controls": []}, {"id": "SLEM-5-NET-04020000", "levels": ["high"], "notes": "", "title": "Disable SCTP Support", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["kernel_module_sctp_disabled"], "controls": []}, {"id": "SLEM-5-NET-05010100", "levels": ["medium"], "notes": "", "title": "Install firewalld", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_firewalld_installed"], "controls": []}, {"id": "SLEM-5-NET-05010300", "levels": ["medium"], "notes": "", "title": "Verify firewalld Enabled", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_firewalld_enabled"], "controls": []}, {"id": "SLEM-5-NET-05010400", "levels": ["medium"], "notes": "", "title": "Set Default firewalld Zone for Incoming Packets", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["set_firewalld_default_zone"], "controls": []}, {"id": "SLEM-5-NET-05010500", "levels": ["medium"], "notes": "", "title": "Ensure firewalld network interfaces are assigned to appropriate zone", "description": null, "rationale": null, "automated": "no", "status": "manual", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["set_firewalld_appropriate_zone"], "controls": []}, {"id": "SLEM-5-NET-05010600", "levels": ["medium"], "notes": "", "title": "Ensure firewalld Unnecessary Services and Ports Are Not Accepted", "description": null, "rationale": null, "automated": "no", "status": "manual", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["unnecessary_firewalld_services_ports_disabled"], "controls": []}, {"id": "SLEM-5-AUD-01010100", "levels": ["medium"], "notes": "", "title": "Ensure the audit Subsystem is Installed", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["package_audit_installed"], "controls": []}, {"id": "SLEM-5-AUD-01010200", "levels": ["medium"], "notes": "", "title": "Enable auditd Service", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_auditd_enabled"], "controls": []}, {"id": "SLEM-5-AUD-01020100", "levels": ["high"], "notes": "", "title": "Configure auditd Max Log File Size", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["auditd_data_retention_max_log_file", "var_auditd_max_log_file=6"], "controls": []}, {"id": "SLEM-5-AUD-01020200", "levels": ["high"], "notes": "", "title": "Configure auditd max_log_file_action Upon Reaching Maximum Log Size", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["auditd_data_retention_max_log_file_action", "var_auditd_max_log_file_action=keep_logs"], "controls": []}, {"id": "SLEM-5-AUD-01020300", "levels": ["high"], "notes": "", "title": "Configure auditd actions on Low Disk Space", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["auditd_data_retention_space_left_action", "auditd_data_retention_action_mail_acct", "auditd_data_retention_admin_space_left_action", "var_auditd_space_left_action=email", "var_auditd_action_mail_acct=root", "var_auditd_admin_space_left_action=halt"], "controls": []}, {"id": "SLEM-5-AUD-01030000", "levels": ["high"], "notes": "", "title": "Record attempts to modify the date and time", "description": null, "rationale": null, "automated": "partially", "status": "pending", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_time_settimeofday", "audit_rules_time_adjtimex", "audit_rules_time_watch_localtime", "audit_rules_time_stime"], "controls": []}, {"id": "SLEM-5-AUD-01040000", "levels": ["medium"], "notes": "", "title": "Collect events that modify user/group information", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_usergroup_modification_group", "audit_rules_usergroup_modification_passwd", "audit_rules_usergroup_modification_opasswd", "audit_rules_usergroup_modification_shadow"], "controls": []}, {"id": "SLEM-5-AUD-01050000", "levels": ["medium"], "notes": "", "title": "Record Events that Modify the System's Network Environment", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_networkconfig_modification"], "controls": []}, {"id": "SLEM-5-AUD-01060000", "levels": ["medium"], "notes": "", "title": "Record Events that Modify the System''s Mandatory Access Control", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_mac_modification", "audit_rules_mac_modification_usr_share"], "controls": []}, {"id": "SLEM-5-AUD-01060000", "levels": ["medium"], "notes": "", "title": "Collect login and logout events", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_login_events_lastlog", "audit_rules_login_events_tallylog"], "controls": []}, {"id": "SLEM-5-AUD-01080000", "levels": ["medium"], "notes": "", "title": "Record Attempts to Alter Process and Session Initiation Information", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_session_events"], "controls": []}, {"id": "SLEM-5-AUD-01090000", "levels": ["medium"], "notes": "", "title": "Collect discretionary access control permission modification events", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_dac_modification_fchmod", "audit_rules_dac_modification_fremovexattr", "audit_rules_dac_modification_lchown"], "controls": []}, {"id": "SLEM-5-AUD-01100000", "levels": ["medium"], "notes": "", "title": "Record Unsuccessful Access Attempts to Files - open", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_unsuccessful_file_modification_open"], "controls": []}, {"id": "SLEM-5-AUD-01011000", "levels": ["medium"], "notes": "Additional rules for priviliged commands are available and can be enabled.", "title": "Ensure auditd Collects Information on the Use of Privileged Commands", "description": null, "rationale": null, "automated": "no", "status": "manual", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": ["audit_rules_privileged_commands"], "rules": [], "controls": []}, {"id": "SLEM-5-AUD-01012000", "levels": ["medium"], "notes": "", "title": "Ensure auditd Collects Information on Exporting to Media (successful)", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_media_export"], "controls": []}, {"id": "SLEM-5-AUD-01013000", "levels": ["medium"], "notes": "", "title": "Ensure auditd Collects File Deletion Events by Users", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_file_deletion_events_renameat", "audit_rules_file_deletion_events_rename", "audit_rules_file_deletion_events_unlinkat", "audit_rules_file_deletion_events_unlink"], "controls": []}, {"id": "SLEM-5-AUD-01014000", "levels": ["medium"], "notes": "", "title": "Ensure auditd Collects System Administrator Actions", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_sysadmin_actions"], "controls": []}, {"id": "SLEM-5-AUD-01015000", "levels": ["medium"], "notes": "", "title": "Record Attempts to perform maintenance activities", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_sudo_log_events"], "controls": []}, {"id": "SLEM-5-AUD-01016000", "levels": ["medium"], "notes": "", "title": "Collect kernel module loading and unloading", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_privileged_commands_rmmod", "audit_rules_privileged_commands_insmod", "audit_rules_privileged_commands_modprobe", "audit_rules_kernel_module_loading_delete"], "controls": []}, {"id": "SLEM-5-AUD-01017000", "levels": ["medium"], "notes": "", "title": "Make the auditd Configuration Immutable", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_immutable"], "controls": []}, {"id": "SLEM-5-AUD-02010500", "levels": ["medium"], "notes": "", "title": "Configure systemd-journal-remote to send logs to a remote log host", "description": null, "rationale": null, "automated": "no", "status": "manual", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["systemd_journal_upload_server_tls", "systemd_journal_upload_url", "service_systemd-journal-upload_enabled", "package_systemd-journal-remote_installed"], "controls": []}, {"id": "SLEM-5-AUD-02030000", "levels": ["medium"], "notes": "", "title": "Verify permissions of log files", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["permissions_local_var_log"], "controls": []}, {"id": "SLEM-5-AAA-02010000", "levels": ["medium"], "notes": "", "title": "Verify Ownership and Permissions of/on SSH Server config file", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_permissions_sshd_config", "file_owner_sshd_config", "file_groupowner_sshd_config"], "controls": []}, {"id": "SLEM-5-AAA-02020000", "levels": ["medium"], "notes": "", "title": "Verify Permissions on SSH Server Private *_key Key Files", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_permissions_sshd_private_key"], "controls": []}, {"id": "SLEM-5-AAA-02030000", "levels": ["medium"], "notes": "", "title": "Verify Permissions on SSH Server Public *.pub Key Files", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_permissions_sshd_pub_key"], "controls": []}, {"id": "SLEM-5-AAA-02040000", "levels": ["medium"], "notes": "", "title": "Limit Users' SSH Access", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_limit_user_access"], "controls": []}, {"id": "SLEM-5-AAA-02050000", "levels": ["medium"], "notes": "", "title": "Set SSH Daemon LogLevel to VERBOSE", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_set_loglevel_verbose"], "controls": []}, {"id": "SLEM-5-AAA-02060000", "levels": ["medium"], "notes": "", "title": "Disable X11 Forwarding", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_disable_x11_forwarding"], "controls": []}, {"id": "SLEM-5-AAA-02070000", "levels": ["medium"], "notes": "", "title": "Set SSH authentication attempt limit", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_set_max_auth_tries", "sshd_max_auth_tries_value=4"], "controls": []}, {"id": "SLEM-5-AAA-02080000", "levels": ["medium"], "notes": "", "title": "Disable SSH Support for .rhosts Files", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_disable_rhosts"], "controls": []}, {"id": "SLEM-5-AAA-02090000", "levels": ["medium"], "notes": "", "title": "Disable Host-Based Authentication", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["disable_host_auth"], "controls": []}, {"id": "SLEM-5-AAA-02100000", "levels": ["medium"], "notes": "", "title": "Disable SSH Root Login", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_disable_root_login"], "controls": []}, {"id": "SLEM-5-AAA-02110000", "levels": ["high"], "notes": "", "title": "Disable SSH Access via Empty Passwords", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_disable_empty_passwords"], "controls": []}, {"id": "SLEM-5-AAA-02120000", "levels": ["high"], "notes": "", "title": "Do Not Allow SSH Environment Options", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_do_not_permit_user_env"], "controls": []}, {"id": "SLEM-5-AAA-02130000", "levels": ["high"], "notes": "", "title": "Use only strong Ciphers", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_use_approved_ciphers", "sshd_use_approved_ciphers_ordered_stig"], "controls": []}, {"id": "SLEM-5-AAA-02140000", "levels": ["high"], "notes": "", "title": "Use only strong MAC algorithms", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_use_approved_macs_ordered_stig", "sshd_use_approved_macs"], "controls": []}, {"id": "SLEM-5-AAA-02150000", "levels": ["medium"], "notes": "", "title": "Use Only Strong Key Exchange algorithms", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_use_strong_kex", "sshd_strong_kex=cis_sle15"], "controls": []}, {"id": "SLEM-5-AAA-02160000", "levels": ["medium"], "notes": "", "title": "Configure SSH Idle Timeout Interval", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_set_keepalive", "sshd_set_idle_timeout", "var_sshd_set_keepalive=1", "sshd_idle_timeout_value=10_minutes"], "controls": []}, {"id": "SLEM-5-AAA-02170000", "levels": ["medium"], "notes": "", "title": "Ensure SSH LoginGraceTime is configured", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_set_login_grace_time", "var_sshd_set_login_grace_time=60"], "controls": []}, {"id": "SLEM-5-AAA-02180000", "levels": ["medium"], "notes": "", "title": "Configure SSH warning banner", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_enable_warning_banner", "banner_etc_issue", "login_banner_text=dod_banners"], "controls": []}, {"id": "SLEM-5-AAA-02190000", "levels": ["medium"], "notes": "", "title": "Enable SSH PAM", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_enable_pam"], "controls": []}, {"id": "SLEM-5-AAA-02200000", "levels": ["high"], "notes": "", "title": "Disable SSH TCP Forwarding", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_disable_tcp_forwarding"], "controls": []}, {"id": "SLEM-5-AAA-02210000", "levels": ["medium"], "notes": "", "title": "Ensure SSH MaxStartups is configured", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_set_maxstartups", "var_sshd_set_maxstartups=10:30:60"], "controls": []}, {"id": "SLEM-5-AAA-02220000", "levels": ["medium"], "notes": "", "title": "Set SSH MaxSessions limit", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_set_max_sessions", "var_sshd_max_sessions=10"], "controls": []}, {"id": "SLEM-5-AAA-03010000", "levels": ["medium"], "notes": "", "title": "Configure password creation requirements", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["cracklib_accounts_password_pam_dcredit", "cracklib_accounts_password_pam_minlen", "cracklib_accounts_password_pam_ocredit", "cracklib_accounts_password_pam_ucredit", "cracklib_accounts_password_pam_lcredit", "cracklib_accounts_password_pam_retry", "var_password_pam_retry=3"], "controls": []}, {"id": "SLEM-5-AAA-03020000", "levels": ["medium"], "notes": "", "title": "Set Deny For Failed Password Attempts", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_passwords_pam_tally2", "var_password_pam_tally2=3"], "controls": []}, {"id": "SLEM-5-AAA-03030000", "levels": ["medium"], "notes": "", "title": "Limit Password Reuse", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_password_pam_pwhistory_remember", "var_password_pam_remember_control_flag=requisite", "var_password_pam_remember=5"], "controls": []}, {"id": "SLEM-5-AAA-04010100", "levels": ["high"], "notes": "", "title": "Verify All Account Password Hashes are Shadowed with SHA512", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_password_all_shadowed_sha512", "set_password_hashing_algorithm_logindefs", "var_password_hashing_algorithm=SHA512"], "controls": []}, {"id": "SLEM-5-AAA-04010200", "levels": ["medium"], "notes": "", "title": "Set Existing Passwords Maximum Age", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_maximum_age_login_defs", "accounts_password_set_max_life_existing", "var_accounts_maximum_age_login_defs=60"], "controls": []}, {"id": "SLEM-5-AAA-04010300", "levels": ["medium"], "notes": "", "title": "Set Existing Passwords Minimum Age", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_password_set_min_life_existing", "accounts_minimum_age_login_defs", "var_accounts_minimum_age_login_defs=1"], "controls": []}, {"id": "SLEM-5-AAA-04010400", "levels": ["medium"], "notes": "", "title": "Set and Apply Password Warning Age", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_password_warn_age_login_defs", "accounts_password_set_warn_age_existing", "var_accounts_password_warn_age_login_defs=7"], "controls": []}, {"id": "SLEM-5-AAA-04010500", "levels": ["medium"], "notes": "", "title": "Set Account Expiration Following Inactivity", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["account_disable_post_pw_expiration"], "controls": []}, {"id": "SLEM-5-AAA-04010600", "levels": ["medium"], "notes": "", "title": "Ensure all users last password change date is in the past", "description": null, "rationale": null, "automated": "partially", "status": "pending", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_password_last_change_is_in_past"], "controls": []}, {"id": "SLEM-5-AAA-04020000", "levels": ["medium"], "notes": "", "title": "Ensure that System Accounts Do Not Run a Shell Upon Login", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["no_shelllogin_for_systemaccounts"], "controls": []}, {"id": "SLEM-5-AAA-04030000", "levels": ["high"], "notes": "", "title": "Verify Root Has A Primary GID 0", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_root_gid_zero"], "controls": []}, {"id": "SLEM-5-AAA-04040000", "levels": ["medium"], "notes": "", "title": "Set Interactive Session Timeout", "description": null, "rationale": null, "automated": "partially", "status": "pending", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_tmout", "var_accounts_tmout=15_min"], "controls": []}, {"id": "SLEM-5-AAA-04050000", "levels": ["medium"], "notes": "", "title": "Ensure the Default Umask is Set Correctly in login.defs", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_umask_etc_login_defs"], "controls": []}, {"id": "SLEM-5-AAA-05050000", "levels": ["medium"], "notes": "", "title": "Restrict direct and virtual console Root Logins", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["no_direct_root_logins", "securetty_root_login_console_only"], "controls": []}, {"id": "SLEM-5-AAA-05060000", "levels": ["medium"], "notes": "", "title": "Enforce Usage of pam_wheel on the System for su Authentication", "description": null, "rationale": null, "automated": "partially", "status": "pending", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["ensure_pam_wheel_group_empty", "use_pam_wheel_group_for_su", "var_pam_wheel_group_for_su=cis"], "controls": []}, {"id": "SLEM-5-SMA-01010000", "levels": ["high"], "notes": "", "title": "Verify and Correct Ownership and File Permissions with RPM", "description": null, "rationale": null, "automated": "no", "status": "manual", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": ["rpm_verify_permissions", "rpm_verify_ownership"], "rules": [], "controls": []}, {"id": "SLEM-5-SMA-01020000", "levels": ["medium"], "notes": "", "title": "Configure permissions on /etc/passwd", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_owner_etc_passwd", "file_groupowner_etc_gshadow", "file_permissions_etc_gshadow", "file_groupowner_etc_passwd", "file_owner_etc_gshadow", "file_permissions_etc_passwd"], "controls": []}, {"id": "SLEM-5-SMA-01030000", "levels": ["medium"], "notes": "", "title": "Configure permissions on /etc/shadow", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_groupowner_etc_shadow", "file_permissions_etc_shadow", "file_owner_etc_shadow"], "controls": []}, {"id": "SLEM-5-SMA-01040000", "levels": ["medium"], "notes": "", "title": "Configure permissions on /etc/group", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_owner_etc_group", "file_groupowner_etc_group", "file_permissions_etc_group"], "controls": []}, {"id": "SLEM-5-SMA-01050000", "levels": ["medium"], "notes": "", "title": "Configure permissions on /etc/passwd-", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_owner_backup_etc_gshadow", "file_permissions_backup_etc_gshadow", "file_owner_backup_etc_passwd", "file_permissions_backup_etc_passwd", "file_groupowner_backup_etc_passwd", "file_groupowner_backup_etc_gshadow"], "controls": []}, {"id": "SLEM-5-SMA-01060000", "levels": ["medium"], "notes": "", "title": "Configure permissions on /etc/shadow-", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_owner_backup_etc_shadow", "file_groupowner_backup_etc_shadow", "file_permissions_backup_etc_shadow"], "controls": []}, {"id": "SLEM-5-SMA-01070000", "levels": ["medium"], "notes": "", "title": "Configure permissions on /etc/group-", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_owner_backup_etc_group", "file_groupowner_backup_etc_group", "file_permissions_backup_etc_group"], "controls": []}, {"id": "SLEM-5-SMA-01080000", "levels": ["medium"], "notes": "", "title": "Ensure No World-Writable Files Exist", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_permissions_unauthorized_world_writable"], "controls": []}, {"id": "SLEM-5-SMA-01090000", "levels": ["medium"], "notes": "", "title": "Ensure All Files Are Owned by a Use", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["no_files_unowned_by_user"], "controls": []}, {"id": "SLEM-5-SMA-01100000", "levels": ["medium"], "notes": "", "title": "Ensure All Files Are Owned by a Group", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_permissions_ungroupowned"], "controls": []}, {"id": "SLEM-5-SMA-01110000", "levels": ["medium"], "notes": "", "title": "Ensure All SUID Executables Are Authorized", "description": null, "rationale": null, "automated": "no", "status": "manual", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": ["file_permissions_unauthorized_suid"], "rules": [], "controls": []}, {"id": "SLEM-5-SMA-01120000", "levels": ["medium"], "notes": "", "title": "Ensure All SGID Executables Are Authorized", "description": null, "rationale": null, "automated": "no", "status": "manual", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": ["file_permissions_unauthorized_sgid"], "rules": [], "controls": []}, {"id": "SLEM-5-SMA-02010000", "levels": ["medium"], "notes": "", "title": "Verify All Account Password Hashes are Shadowed", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_password_all_shadowed"], "controls": []}, {"id": "SLEM-5-SMA-02020000", "levels": ["medium"], "notes": "", "title": "Ensure there are no legacy NIS entries in /etc/passwd and /etc/shadow", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["no_legacy_plus_entries_etc_shadow", "no_legacy_plus_entries_etc_passwd"], "controls": []}, {"id": "SLEM-5-SMA-02030000", "levels": ["high"], "notes": "", "title": "Verify Only Root Has UID 0", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_no_uid_except_zero"], "controls": []}, {"id": "SLEM-5-SMA-02040000", "levels": ["medium"], "notes": "", "title": "Ensure Root's path Integrity", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_root_path_dirs_no_write", "root_path_no_dot"], "controls": []}, {"id": "SLEM-5-SMA-02050000", "levels": ["medium"], "notes": "", "title": "All Interactive Users Home Directories Must Exist", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_user_interactive_home_directory_exists"], "controls": []}, {"id": "SLEM-5-SMA-02060000", "levels": ["medium"], "notes": "", "title": "All Interactive User Home Directories Must Have mode 0750 Or Less Permissive", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_permissions_home_directories"], "controls": []}, {"id": "SLEM-5-SMA-02070000", "levels": ["medium"], "notes": "", "title": "All Interactive User Home Directories Must Be Group-Owned By The Primary Group", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["file_groupownership_home_directories"], "controls": []}, {"id": "SLEM-5-SMA-02080000", "levels": ["medium"], "notes": "", "title": "User Initialization Files Must Not Run World-Writable Programs", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_user_dot_no_world_writable_programs"], "controls": []}, {"id": "SLEM-5-SMA-02090000", "levels": ["medium"], "notes": "", "title": "Verify No .forward Files Exist", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["no_forward_files"], "controls": []}, {"id": "SLEM-5-SMA-02100000", "levels": ["medium"], "notes": "", "title": "Verify No netrc Files Exist", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["no_netrc_files"], "controls": []}, {"id": "SLEM-5-SMA-02110000", "levels": ["medium"], "notes": "", "title": "Ensure users' .netrc Files are not group or world accessible", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["accounts_users_netrc_file_permissions"], "controls": []}, {"id": "SLEM-5-SMA-02120000", "levels": ["high"], "notes": "", "title": "Remove Rsh Trust Files", "description": null, "rationale": null, "automated": "no", "status": "manual", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": ["no_rsh_trust_files"], "rules": [], "controls": []}, {"id": "SLEM-5-SMA-02130000", "levels": ["low"], "notes": "", "title": "Ensure all GIDs referenced in /etc/passwd are defined in /etc/group", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["gid_passwd_group_same"], "controls": []}, {"id": "SLEM-5-SMA-02140000", "levels": ["medium"], "notes": "", "title": "Ensure All Accounts on the System Have Unique User IDs", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["account_unique_id"], "controls": []}, {"id": "SLEM-5-SMA-02150000", "levels": ["medium"], "notes": "", "title": "Ensure All Groups on the System Have Unique Group ID", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["group_unique_id"], "controls": []}, {"id": "SLEM-5-SMA-02160000", "levels": ["medium"], "notes": "", "title": "Ensure All Accounts on the System Have Unique Names", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["account_unique_name"], "controls": []}, {"id": "SLEM-5-SMA-02170000", "levels": ["medium"], "notes": "", "title": "Ensure All Groups on the System Have Unique Group Names", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["group_unique_name"], "controls": []}, {"id": "SLEM-5-SMA-02180000", "levels": ["medium"], "notes": "", "title": "Ensure shadow Group on the System is Empty", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["ensure_shadow_group_empty"], "controls": []}], "levels": [{"id": "high", "inherits_from": null}, {"id": "medium", "inherits_from": null}, {"id": "low", "inherits_from": null}]}