{"description": "The libreswan package provides an implementation of IPsec\nand IKE, which permits the creation of secure tunnels over\nuntrusted networks. The <code>libreswan</code> package can be installed with the following command:\n<pre>\n$ apt-get install libreswan</pre>", "rationale": "Providing the ability for remote users or systems\nto initiate a secure VPN connection protects information when it is\ntransmitted over a wide area network.", "severity": "medium", "references": {"cis-csc": ["12", "15", "3", "5", "8"], "cobit5": ["APO13.01", "DSS01.04", "DSS05.02", "DSS05.03", "DSS05.04"], "isa-62443-2009": ["4.3.3.6.5", "4.3.3.6.6", "4.3.3.6.7", "4.3.3.6.8"], "isa-62443-2013": ["SR 1.13", "SR 2.6", "SR 3.1", "SR 3.5", "SR 3.8", "SR 4.1", "SR 4.3", "SR 5.1", "SR 5.2", "SR 5.3", "SR 7.1", "SR 7.6"], "iso27001-2013": ["A.11.2.4", "A.11.2.6", "A.13.1.1", "A.13.2.1", "A.14.1.3", "A.15.1.1", "A.15.2.1", "A.6.2.1", "A.6.2.2"], "nist": ["CM-6(a)"], "nist-csf": ["PR.AC-3", "PR.MA-2", "PR.PT-4"], "pcidss": ["Req-4.1"], "srg": ["SRG-OS-000480-GPOS-00227", "SRG-OS-000120-GPOS-00061"]}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": "the package is not installed", "ocil": " Run the following command to determine if the <code>libreswan</code> package is installed: <pre>$ dpkg -l  libreswan</pre>", "oval_external_content": null, "fixtext": " To install the Ubuntu 22.04 package libreswan run the following command:\n\n$ apt-get install libreswan", "checktext": "", "vuldiscussion": "", "srg_requirement": " Ubuntu 22.04 must have the libreswan package installed.", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {"stig": {"srg_requirement": "Ubuntu 22.04 libreswan package must be installed.", "vuldiscussion": "Providing the ability for remote users or systems to initiate a secure VPN connection protects information when it is transmitted over a wide area network.", "checktext": "Verify that Ubuntu 22.04 libreswan service package is installed.\n\nCheck that the libreswan service package is installed with the following command:\n\n$ dnf list --installed libreswan\n\nExample output:\n\nlibreswan.x86_64          4.6-3.el9\n\nIf the \"libreswan\" package is not installed, this is a finding.", "fixtext": "Install the libreswan service (if it is not already installed) with the following command:\n\n$ sudo dnf install libreswan"}}, "platform": "system_with_kernel", "platforms": ["system_with_kernel"], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": ["system_with_kernel"], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Install libreswan Package", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml", "template": {"name": "package_installed", "vars": {"pkgname": "libreswan"}, "backends": {}}}