Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 11 additions & 19 deletions controls/stig_ubuntu2404.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
policy: Canonical Ubuntu 24.04 LTS Security Technical Implementation Guide (STIG)
title: Canonical Ubuntu 24.04 LTS Security Technical Implementation Guide (STIG)
id: stig_ubuntu2404
version: V1R1
version: V1R5
source: https://www.cyber.mil/stigs/downloads/

levels:
Expand Down Expand Up @@ -65,7 +65,8 @@ controls:
status: automated

- id: UBTU-24-100110
title: Ubuntu 24.04 LTS must configure AIDE to preform file integrity checking on the file system.
title: Ubuntu 24.04 LTS must configure AIDE to perform file integrity checking on the file system
if installed.
levels:
- medium
rules:
Expand Down Expand Up @@ -666,15 +667,6 @@ controls:
- sshd_x11_use_localhost
status: automated

- id: UBTU-24-300024
title: Ubuntu 24.04 LTS must display the date and time of the last successful account logon upon
logon.
levels:
- low
rules:
- display_login_attempts
status: automated

- id: UBTU-24-300025
title: Ubuntu 24.04 LTS must disable the x86 Ctrl-Alt-Delete key sequence if a graphical user interface
is installed.
Expand Down Expand Up @@ -1250,7 +1242,7 @@ controls:
- id: UBTU-24-700400
title: Ubuntu 24.04 LTS must be a vendor-supported release.
levels:
- medium
- high
rules:
- installed_OS_is_vendor_supported
status: automated
Expand Down Expand Up @@ -1708,7 +1700,7 @@ controls:
status: automated

- id: UBTU-24-901250
title: Ubuntu 24.04 LTS must configure the audit tools to be group-owned by root.
title: Ubuntu 24.04 LTS must configure the audit tools to be group owned by root.
levels:
- medium
rules:
Expand Down Expand Up @@ -1775,18 +1767,18 @@ controls:
- directory_permissions_var_log_audit
status: automated

- id: UBTU-24-90890
title: Ubuntu 24.04 LTS must use cryptographic mechanisms to protect the integrity of audit tools.
- id: UBTU-24-909000
title: Ubuntu 24.04 LTS audit system must protect auditing rules from unauthorized change.
levels:
- medium
rules:
- aide_check_audit_tools
- audit_rules_immutable
status: automated

- id: UBTU-24-909000
title: Ubuntu 24.04 LTS audit system must protect auditing rules from unauthorized change.
- id: UBTU-24-909890
title: Ubuntu 24.04 LTS must use cryptographic mechanisms to protect the integrity of audit tools.
levels:
- medium
rules:
- audit_rules_immutable
- aide_check_audit_tools
status: automated
6 changes: 3 additions & 3 deletions products/ubuntu2404/profiles/stig.profile
Original file line number Diff line number Diff line change
@@ -1,19 +1,19 @@
documentation_complete: true

metadata:
version: V1R1
version: V1R5
SMEs:
- mpurg
- dodys
- alanmcanonical

reference: https://www.cyber.mil/stigs/downloads

title: 'Canonical Ubuntu 24.04 LTS Security Technical Implementation Guide (STIG) V1R1'
title: 'Canonical Ubuntu 24.04 LTS Security Technical Implementation Guide (STIG) V1R5'

description: |-
This profile contains configuration checks that align to the
DISA STIG for Canonical Ubuntu 24.04 LTS V1R1.
DISA STIG for Canonical Ubuntu 24.04 LTS V1R5.

selections:
- stig_ubuntu2404:all
Loading