DISA SLES 15 STIG v1r3

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA SLES 15 STIG v1r3

Updated: 6/3/2022

Authority: DISA STIG

Plugin: Unix

Revision: 1.2

Estimated Item Count: 342

Audit Items

Description	Categories
DISA_STIG_SLES_15_v1r3.audit from DISA SUSE Linux Enterprise Server 15 v1r3 STIG
SLES-15-010000 - The SUSE operating system must be a vendor-supported release.	CONFIGURATION MANAGEMENT
SLES-15-010001 - The SUSE operating system must implement the Endpoint Security for Linux Threat Prevention tool - installed
SLES-15-010001 - The SUSE operating system must implement the Endpoint Security for Linux Threat Prevention tool - running
SLES-15-010010 - Vendor-packaged SUSE operating system security patches and updates must be installed and up to date.	SYSTEM AND INFORMATION INTEGRITY
SLES-15-010020 - The SUSE operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting access via local console.	ACCESS CONTROL
SLES-15-010030 - The SUSE operating system must not have the vsftpd package installed if not required for operational support.
SLES-15-010040 - The SUSE operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting access via SSH - issue	ACCESS CONTROL
SLES-15-010040 - The SUSE operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting access via SSH - sshd_config	ACCESS CONTROL
SLES-15-010050 - The SUSE operating system must display the Standard Mandatory DoD Notice and Consent Banner until users acknowledge the usage conditions and take explicit actions to log on for further access to the local graphical user interface (GUI) - filename	ACCESS CONTROL
SLES-15-010050 - The SUSE operating system must display the Standard Mandatory DoD Notice and Consent Banner until users acknowledge the usage conditions and take explicit actions to log on for further access to the local graphical user interface (GUI) - text-info	ACCESS CONTROL
SLES-15-010050 - The SUSE operating system must display the Standard Mandatory DoD Notice and Consent Banner until users acknowledge the usage conditions and take explicit actions to log on for further access to the local graphical user interface (GUI) - title	ACCESS CONTROL
SLES-15-010060 - The SUSE operating system file /etc/gdm/banner must contain the Standard Mandatory DoD Notice and Consent banner text.	ACCESS CONTROL
SLES-15-010080 - The SUSE operating system must display a banner before granting local or remote access to the system via a graphical user logon.	ACCESS CONTROL
SLES-15-010090 - The SUSE operating system must display the approved Standard Mandatory DoD Notice before granting local or remote access to the system via a graphical user logon.	ACCESS CONTROL
SLES-15-010100 - The SUSE operating system must be able to lock the graphical user interface (GUI).	ACCESS CONTROL
SLES-15-010110 - The SUSE operating system must utilize vlock to allow for session locking.	ACCESS CONTROL
SLES-15-010120 - The SUSE operating system must initiate a session lock after a 15-minute period of inactivity for the graphical user interface (GUI) - GUI.	ACCESS CONTROL
SLES-15-010130 - The SUSE operating system must initiate a session lock after a 15-minute period of inactivity - export	ACCESS CONTROL
SLES-15-010130 - The SUSE operating system must initiate a session lock after a 15-minute period of inactivity - readonly	ACCESS CONTROL
SLES-15-010130 - The SUSE operating system must initiate a session lock after a 15-minute period of inactivity - TMOUT	ACCESS CONTROL
SLES-15-010140 - The SUSE operating system must conceal, via the session lock, information previously visible on the display with a publicly viewable image in the graphical user interface (GUI) - GUI.	ACCESS CONTROL
SLES-15-010150 - The SUSE operating system must log SSH connection attempts and failures to the server - LogLevel	AUDIT AND ACCOUNTABILITY
SLES-15-010160 - The SUSE operating system must implement DoD-approved encryption to protect the confidentiality of SSH remote connections.	SYSTEM AND COMMUNICATIONS PROTECTION
SLES-15-010170 - The SUSE operating system, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.	IDENTIFICATION AND AUTHENTICATION
SLES-15-010180 - The SUSE operating system must not have the telnet-server package installed.	CONFIGURATION MANAGEMENT
SLES-15-010190 - SUSE operating systems with a basic input/output system (BIOS) must require authentication upon booting into single-user and maintenance modes.	SYSTEM AND INFORMATION INTEGRITY
SLES-15-010200 - SUSE operating systems with Unified Extensible Firmware Interface (UEFI) implemented must require authentication upon booting into single-user mode and maintenance.	SYSTEM AND INFORMATION INTEGRITY
SLES-15-010220 - The SUSE operating system must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services as defined in the Ports, Protocols, and Services Management (PPSM) Category Assignments List (CAL) and vulnerability assessments - active	ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT
SLES-15-010220 - The SUSE operating system must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services as defined in the Ports, Protocols, and Services Management (PPSM) Category Assignments List (CAL) and vulnerability assessments - enabled
SLES-15-010220 - The SUSE operating system must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services as defined in the Ports, Protocols, and Services Management (PPSM) Category Assignments List (CAL) and vulnerability assessments - rules	ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT
SLES-15-010230 - The SUSE operating system must not have duplicate User IDs (UIDs) for interactive users.	IDENTIFICATION AND AUTHENTICATION
SLES-15-010240 - The SUSE operating system must disable the file system automounter unless required.
SLES-15-010250 - The SUSE operating system must employ FIPS 140-2 approved cryptographic hashing algorithm for system authentication (system-auth).
SLES-15-010260 - The SUSE operating system must employ FIPS 140-2 approved cryptographic hashing algorithm for system authentication (login.defs).	SYSTEM AND COMMUNICATIONS PROTECTION
SLES-15-010270 - The SUSE operating system SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms.	SYSTEM AND COMMUNICATIONS PROTECTION
SLES-15-010280 - The SUSE operating system SSH daemon must be configured with a timeout interval.	ACCESS CONTROL
SLES-15-010300 - The sticky bit must be set on all SUSE operating system world-writable directories.	ACCESS CONTROL
SLES-15-010310 - The SUSE operating system must be configured to use TCP syncookies.	SYSTEM AND COMMUNICATIONS PROTECTION
SLES-15-010320 - The SUSE operating system for all network connections associated with SSH traffic must immediately terminate at the end of the session or after 10 minutes of inactivity.	ACCESS CONTROL
SLES-15-010330 - All SUSE operating system persistent disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at-rest protection.
SLES-15-010340 - The SUSE operating system must generate error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.
SLES-15-010350 - The SUSE operating system must prevent unauthorized users from accessing system error messages - permissions	CONFIGURATION MANAGEMENT
SLES-15-010350 - The SUSE operating system must prevent unauthorized users from accessing system error messages - permissions.local	CONFIGURATION MANAGEMENT
SLES-15-010351 - The SUSE operating system library files must have mode 0755 or less permissive.
SLES-15-010352 - The SUSE operating system library directories must have mode 0755 or less permissive.
SLES-15-010353 - The SUSE operating system library files must be owned by root.
SLES-15-010354 - The SUSE operating system library directories must be owned by root.
SLES-15-010355 - The SUSE operating system library files must be group-owned by root.
SLES-15-010356 - The SUSE operating system library directories must be group-owned by root.

Detections

Analytics

DISA SLES 15 STIG v1r3

Warning! Audit Deprecated

Audit Details

Audit Items