Oct 15, 2024 Functional Update- UBTU-16-010350 - There must be no .shosts files on the Ubuntu operating system.
- UBTU-16-010360 - There must be no shosts.equiv files on the Ubuntu operating system.
- UBTU-16-010420 - All world-writable directories must be group-owned by root, sys, bin, or an application group.
- UBTU-16-010700 - All files and directories must have a valid owner.
- UBTU-16-010710 - All files and directories must have a valid group owner.
- UBTU-16-010790 - Local initialization files must not execute world-writable programs.
- UBTU-16-030070 - A sticky bit must be set on all public directories to prevent unauthorized and unintended information transferred via shared system resources.
|
Mar 25, 2024 Functional Update- UBTU-16-010770 - All local initialization files must have mode 0740 or less permissive.
|
Feb 7, 2024 Functional Update- UBTU-16-010410 - All public directories must be owned by root to prevent unauthorized and unintended information transferred via shared system resources.
Miscellaneous- Metadata updated.
- References updated.
|
Apr 12, 2023 Functional Update- UBTU-16-010100 - The Ubuntu operating system must enforce password complexity by requiring that at least one upper-case character be used.
- UBTU-16-010110 - The Ubuntu operating system must enforce password complexity by requiring that at least one lower-case character be used.
- UBTU-16-010120 - The Ubuntu operating system must enforce password complexity by requiring that at least one numeric character be used.
- UBTU-16-010130 - All passwords must contain at least one special character.
- UBTU-16-010140 - The Ubuntu operating system must require the change of at least 8 characters when passwords are changed.
- UBTU-16-010150 - The Ubuntu operating system must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm.
- UBTU-16-010210 - Passwords for new users must have a 24 hours/1 day minimum password lifetime restriction.
- UBTU-16-010220 - Passwords for new users must have a 60-day maximum password lifetime restriction.
- UBTU-16-010240 - Passwords must have a minimum of 15-characters.
- UBTU-16-010260 - The Ubuntu operating system must prevent the use of dictionary words for passwords.
- UBTU-16-010640 - Default permissions must be defined in such a way that all authenticated users can only read and modify their own files.
- UBTU-16-010730 - All local interactive user accounts, upon creation, must be assigned a home directory.
Miscellaneous- Metadata updated.
- Platform check updated.
- Variables updated.
|
Mar 7, 2023 Miscellaneous- Metadata updated.
- References updated.
|
Jan 4, 2023 Functional Update- UBTU-16-030300 - The SSH daemon must not allow authentication using known hosts authentication.
- UBTU-16-030520 - For Ubuntu operating systems using Domain Name Servers (DNS) resolution, at least two name servers must be configured - nameserver 1
- UBTU-16-030520 - For Ubuntu operating systems using Domain Name Servers (DNS) resolution, at least two name servers must be configured - nameserver 2
|
Dec 7, 2022 |
Oct 18, 2022 Functional Update- UBTU-16-010520 - The file integrity tool must be configured to verify Access Control Lists (ACLs).
- UBTU-16-010530 - The file integrity tool must be configured to verify extended attributes.
Informational Update- UBTU-16-010520 - The file integrity tool must be configured to verify Access Control Lists (ACLs).
- UBTU-16-010530 - The file integrity tool must be configured to verify extended attributes.
|
Jul 27, 2022 Functional Update- UBTU-16-030200 - The Ubuntu operating system must enforce SSHv2 for network access to all accounts.
- UBTU-16-030250 - The Ubuntu operating system must be configured so that the SSH daemon does not allow authentication using an empty password - PermitEmptyPasswords
- UBTU-16-030251 - The Ubuntu operating system must not allow users to override SSH environment variables.
|
Apr 25, 2022 Miscellaneous- Metadata updated.
- References updated.
|
