DISA STIG Ubuntu 18.04 LTS v2r15

Audit Details

Name: DISA STIG Ubuntu 18.04 LTS v2r15

Updated: 8/19/2024

Authority: DISA STIG

Plugin: Unix

Revision: 1.0

Estimated Item Count: 177

File Details

Filename: DISA_STIG_Ubuntu_18.04_LTS_v2r15.audit

Size: 567 kB

MD5: 5f49807b1343430bbc55c29261375c44
SHA256: 3eef36d7c301e61b619fe669e600785f0d17184f191fa7dceb3d3fa79927b019

Audit Items

DescriptionCategories
DISA_STIG_Ubuntu_18.04_LTS_v2r15.audit from DISA Canonical Ubuntu 18.04 LTS v2r15 STIG
UBTU-18-010000 - Ubuntu operating systems booted with a BIOS must require authentication upon booting into single-user and maintenance modes.

ACCESS CONTROL

UBTU-18-010001 - Ubuntu operating systems booted with United Extensible Firmware Interface (UEFI) implemented must require authentication upon booting into single-user mode and maintenance.

ACCESS CONTROL

UBTU-18-010002 - The Ubuntu operating system must initiate session audits at system startup.

AUDIT AND ACCOUNTABILITY

UBTU-18-010003 - Ubuntu operating systems handling data requiring data at rest protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.

SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-18-010005 - The Ubuntu operating system must implement NIST FIPS-validated cryptography to protect classified information and for the following: to provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.

SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-18-010006 - The Ubuntu operating system must immediately notify the SA and ISSO (at a minimum) when allocated audit record storage volume reaches 75% of the repository maximum audit record storage capacity.

AUDIT AND ACCOUNTABILITY

UBTU-18-010007 - The Ubuntu operating system audit event multiplexor must be configured to off-load audit logs onto a different system in real time, if the system is interconnected.

AUDIT AND ACCOUNTABILITY

UBTU-18-010008 - The Ubuntu operating system must have a crontab script running weekly to off-load audit events of standalone systems.

AUDIT AND ACCOUNTABILITY

UBTU-18-010016 - Advance package Tool (APT) must be configured to prevent the installation of patches, service packs, device drivers, or Ubuntu operating system components without verification they have been digitally signed using a certificate that is recognized and approved by the organization.

CONFIGURATION MANAGEMENT

UBTU-18-010017 - The Ubuntu operating system must be configured so that Advance package Tool (APT) removes all software components after updated versions have been installed.

SYSTEM AND INFORMATION INTEGRITY

UBTU-18-010018 - The Ubuntu operating system must not have the Network Information Service (NIS) package installed.

CONFIGURATION MANAGEMENT

UBTU-18-010019 - The Ubuntu operating system must not have the rsh-server package installed.

CONFIGURATION MANAGEMENT

UBTU-18-010021 - The Ubuntu operating system must deploy Endpoint Security for Linux Threat Prevention (ENSLTP).

SYSTEM AND INFORMATION INTEGRITY

UBTU-18-010022 - The Ubuntu operating system must be configured to preserve log records from failure events.

SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-18-010023 - The Ubuntu operating system must have an application firewall installed in order to control remote access methods.

ACCESS CONTROL

UBTU-18-010025 - The Ubuntu operating system audit event multiplexor must be configured to off-load audit logs onto a different system or storage media from the system being audited.

AUDIT AND ACCOUNTABILITY

UBTU-18-010030 - The Ubuntu operating system must be configured such that Pluggable Authentication Module (PAM) prohibits the use of cached authentications after one day.

IDENTIFICATION AND AUTHENTICATION

UBTU-18-010031 - The Ubuntu operating system must enforce a delay of at least 4 seconds between logon prompts following a failed logon attempt.

CONFIGURATION MANAGEMENT

UBTU-18-010032 - The Ubuntu operating system must display the date and time of the last successful account logon upon logon.

ACCESS CONTROL

UBTU-18-010033 - The Ubuntu operating system must be configured so that three consecutive invalid logon attempts by a user automatically locks the account until released by an administrator.

ACCESS CONTROL

UBTU-18-010035 - The Ubuntu operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting local access to the system via a graphical user logon.

ACCESS CONTROL

UBTU-18-010036 - The Ubuntu operating system must prevent direct login into the root account.

IDENTIFICATION AND AUTHENTICATION

UBTU-18-010037 - The Ubuntu operating system must be configured so that only users who need access to security functions are part of the sudo group.

SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-18-010038 - The Ubuntu operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting any publically accessible connection to the system.

ACCESS CONTROL

UBTU-18-010100 - The Ubuntu operating system must enforce password complexity by requiring that at least one upper-case character be used.

IDENTIFICATION AND AUTHENTICATION

UBTU-18-010101 - The Ubuntu operating system must enforce password complexity by requiring that at least one lower-case character be used.

IDENTIFICATION AND AUTHENTICATION

UBTU-18-010102 - The Ubuntu operating system must enforce password complexity by requiring that at least one numeric character be used.

IDENTIFICATION AND AUTHENTICATION

UBTU-18-010103 - The Ubuntu operating system must require the change of at least 8 characters when passwords are changed.

IDENTIFICATION AND AUTHENTICATION

UBTU-18-010104 - The Ubuntu operating system must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm.

IDENTIFICATION AND AUTHENTICATION

UBTU-18-010105 - The Ubuntu operating system must not have the telnet package installed.

IDENTIFICATION AND AUTHENTICATION

UBTU-18-010106 - The Ubuntu operating system must enforce 24 hours/1 day as the minimum password lifetime. Passwords for new users must have a 24 hours/1 day minimum password lifetime restriction.

IDENTIFICATION AND AUTHENTICATION

UBTU-18-010107 - The Ubuntu operating system must enforce a 60-day maximum password lifetime restriction. Passwords for new users must have a 60-day maximum password lifetime restriction.

IDENTIFICATION AND AUTHENTICATION

UBTU-18-010108 - The Ubuntu operating system must prohibit password reuse for a minimum of five generations.

IDENTIFICATION AND AUTHENTICATION

UBTU-18-010109 - The Ubuntu operating system must enforce a minimum 15-character password length.

IDENTIFICATION AND AUTHENTICATION

UBTU-18-010110 - The Ubuntu operating system must employ a FIPS 140-2 approved cryptographic hashing algorithms for all created and stored passwords.

IDENTIFICATION AND AUTHENTICATION

UBTU-18-010112 - The Ubuntu operating system must allow the use of a temporary password for system logons with an immediate change to a permanent password.

IDENTIFICATION AND AUTHENTICATION

UBTU-18-010113 - The Ubuntu operating system must prevent the use of dictionary words for passwords.

CONFIGURATION MANAGEMENT

UBTU-18-010114 - The Ubuntu operating system must require users to re-authenticate for privilege escalation and changing roles.

IDENTIFICATION AND AUTHENTICATION

UBTU-18-010116 - The Ubuntu Operating system must be configured so that when passwords are changed or new passwords are established, pwquality must be used.

CONFIGURATION MANAGEMENT

UBTU-18-010120 - The Ubuntu operating system must set a sticky bit on all public directories to prevent unauthorized and unintended information transferred via shared system resources.

SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-18-010121 - The Ubuntu operating system must generate error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.

SYSTEM AND INFORMATION INTEGRITY

UBTU-18-010122 - The Ubuntu operating system must configure the /var/log directory to be group-owned by syslog.

SYSTEM AND INFORMATION INTEGRITY

UBTU-18-010123 - The Ubuntu operating system must configure the /var/log directory to be owned by root.

SYSTEM AND INFORMATION INTEGRITY

UBTU-18-010124 - The Ubuntu operating system must configure the /var/log directory to have mode 0755 or less permissive.

SYSTEM AND INFORMATION INTEGRITY

UBTU-18-010125 - The Ubuntu operating system must configure the /var/log/syslog file to be group-owned by adm.

SYSTEM AND INFORMATION INTEGRITY

UBTU-18-010126 - The Ubuntu operating system must configure /var/log/syslog file to be owned by syslog.

SYSTEM AND INFORMATION INTEGRITY

UBTU-18-010127 - The Ubuntu operating system must configure /var/log/syslog file with mode 0640 or less permissive.

SYSTEM AND INFORMATION INTEGRITY

UBTU-18-010128 - The Ubuntu operating system must configure audit tools with a mode of 0755 or less permissive.

AUDIT AND ACCOUNTABILITY

UBTU-18-010129 - The Ubuntu operating system must configure audit tools to be owned by root.

AUDIT AND ACCOUNTABILITY