Detections
Analytics

DISA SLES 15 STIG v1r6

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA SLES 15 STIG v1r6

Updated: 4/12/2023

Authority: Operating Systems and Applications

Plugin: Unix

Revision: 1.6

Estimated Item Count: 299

Audit Items

DescriptionCategories
DISA_STIG_SLES_15_v1r6.audit from DISA SUSE Linux Enterprise Server 15 v1r6 STIG
SLES-15-010000 - The SUSE operating system must be a vendor-supported release.
SLES-15-010001 - The SUSE operating system must implement the Endpoint Security for Linux Threat Prevention tool - installed
SLES-15-010001 - The SUSE operating system must implement the Endpoint Security for Linux Threat Prevention tool - running
SLES-15-010010 - Vendor-packaged SUSE operating system security patches and updates must be installed and up to date.
SLES-15-010020 - The SUSE operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting access via local console.
SLES-15-010030 - The SUSE operating system must not have the vsftpd package installed if not required for operational support.
SLES-15-010040 - The SUSE operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting access via SSH - issue
SLES-15-010040 - The SUSE operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting access via SSH - sshd_config
SLES-15-010050 - The SUSE operating system must display the Standard Mandatory DoD Notice and Consent Banner until users acknowledge the usage conditions and take explicit actions to log on for further access to the local graphical user interface (GUI) - filename
SLES-15-010050 - The SUSE operating system must display the Standard Mandatory DoD Notice and Consent Banner until users acknowledge the usage conditions and take explicit actions to log on for further access to the local graphical user interface (GUI) - text-info
SLES-15-010050 - The SUSE operating system must display the Standard Mandatory DoD Notice and Consent Banner until users acknowledge the usage conditions and take explicit actions to log on for further access to the local graphical user interface (GUI) - title
SLES-15-010060 - The SUSE operating system file /etc/gdm/banner must contain the Standard Mandatory DoD Notice and Consent banner text.
SLES-15-010080 - The SUSE operating system must display a banner before granting local or remote access to the system via a graphical user logon.
SLES-15-010090 - The SUSE operating system must display the approved Standard Mandatory DoD Notice before granting local or remote access to the system via a graphical user logon.
SLES-15-010100 - The SUSE operating system must be able to lock the graphical user interface (GUI).
SLES-15-010110 - The SUSE operating system must utilize vlock to allow for session locking.
SLES-15-010120 - The SUSE operating system must initiate a session lock after a 15-minute period of inactivity for the graphical user interface (GUI) - GUI.
SLES-15-010130 - The SUSE operating system must initiate a session lock after a 15-minute period of inactivity - export
SLES-15-010130 - The SUSE operating system must initiate a session lock after a 15-minute period of inactivity - readonly
SLES-15-010130 - The SUSE operating system must initiate a session lock after a 15-minute period of inactivity - TMOUT
SLES-15-010140 - The SUSE operating system must conceal, via the session lock, information previously visible on the display with a publicly viewable image in the graphical user interface (GUI) - GUI.
SLES-15-010150 - The SUSE operating system must log SSH connection attempts and failures to the server - LogLevel
SLES-15-010160 - The SUSE operating system must implement DoD-approved encryption to protect the confidentiality of SSH remote connections.
SLES-15-010170 - The SUSE operating system, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.
SLES-15-010180 - The SUSE operating system must not have the telnet-server package installed.
SLES-15-010190 - SUSE operating systems with a basic input/output system (BIOS) must require authentication upon booting into single-user and maintenance modes.
SLES-15-010200 - SUSE operating systems with Unified Extensible Firmware Interface (UEFI) implemented must require authentication upon booting into single-user mode and maintenance.
SLES-15-010220 - The SUSE operating system must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services as defined in the Ports, Protocols, and Services Management (PPSM) Category Assignments List (CAL) and vulnerability assessments - active
SLES-15-010220 - The SUSE operating system must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services as defined in the Ports, Protocols, and Services Management (PPSM) Category Assignments List (CAL) and vulnerability assessments - enabled
SLES-15-010220 - The SUSE operating system must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services as defined in the Ports, Protocols, and Services Management (PPSM) Category Assignments List (CAL) and vulnerability assessments - rules
SLES-15-010230 - The SUSE operating system must not have duplicate User IDs (UIDs) for interactive users.
SLES-15-010240 - The SUSE operating system must disable the file system automounter unless required.
SLES-15-010260 - The SUSE operating system must employ FIPS 140-2 approved cryptographic hashing algorithm for system authentication (login.defs).
SLES-15-010270 - The SUSE operating system SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms.
SLES-15-010280 - The SUSE operating system SSH daemon must be configured with a timeout interval.
SLES-15-010300 - The sticky bit must be set on all SUSE operating system world-writable directories.
SLES-15-010310 - The SUSE operating system must be configured to use TCP syncookies.
SLES-15-010320 - The SUSE operating system for all network connections associated with SSH traffic must immediately terminate at the end of the session or after 10 minutes of inactivity.
SLES-15-010330 - All SUSE operating system persistent disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at-rest protection.
SLES-15-010340 - The SUSE operating system must generate error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.
SLES-15-010350 - The SUSE operating system must prevent unauthorized users from accessing system error messages - permissions
SLES-15-010350 - The SUSE operating system must prevent unauthorized users from accessing system error messages - permissions.local
SLES-15-010351 - The SUSE operating system library files must have mode 0755 or less permissive.
SLES-15-010352 - The SUSE operating system library directories must have mode 0755 or less permissive.
SLES-15-010353 - The SUSE operating system library files must be owned by root.
SLES-15-010354 - The SUSE operating system library directories must be owned by root.
SLES-15-010355 - The SUSE operating system library files must be group-owned by root.
SLES-15-010356 - The SUSE operating system library directories must be group-owned by root.
SLES-15-010357 - The SUSE operating system must have system commands set to a mode of 0755 or less permissive.