Home
Security Hardening
DISA SLES 15 STIG V1R3

DISA SLES 15 STIG V1R3

SLES-15-010220 – The SUSE operating system must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services as defined in the Ports, Protocols, and Services Management (PPSM) Category Assignments List (CAL) and vulnerability assessments – rules
Details To prevent unauthorized connection of devices, unauthorized transfer of information, or unauthorized tunneling (i.e., embedding of data types within...
SLES-15-010100 – The SUSE operating system must be able to lock the graphical user interface (GUI).
Details A session lock is a temporary action taken when a user stops work and moves away from the immediate...
SLES-15-010230 – The SUSE operating system must not have duplicate User IDs (UIDs) for interactive users.
Details To ensure accountability and prevent unauthenticated access, interactive users must be identified and authenticated to prevent potential misuse and...
SLES-15-010260 – The SUSE operating system must employ FIPS 140-2 approved cryptographic hashing algorithm for system authentication (login.defs).
Details Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied...
SLES-15-010270 – The SUSE operating system SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms.
Details Without cryptographic integrity protections, information can be altered by unauthorized users without detection. Remote access (e.g., RDP) is access...
SLES-15-010280 – The SUSE operating system SSH daemon must be configured with a timeout interval.
Details Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take...
SLES-15-010300 – The sticky bit must be set on all SUSE operating system world-writable directories.
Details Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of...
SLES-15-010310 – The SUSE operating system must be configured to use TCP syncookies.
Details Denial of Service (DoS) is a condition in which a resource is not available for legitimate users. When this...
SLES-15-010320 – The SUSE operating system for all network connections associated with SSH traffic must immediately terminate at the end of the session or after 10 minutes of inactivity.
Details Automatic session termination addresses the termination of user-initiated logical sessions in contrast to the termination of network connections associated...
SLES-15-010330 – All SUSE operating system persistent disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at-rest protection.
Details SUSE operating systems handling data requiring data-at-rest protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of...

Prev Next

DISA SLES 15 STIG V1R3

SLES-15-010220 – The SUSE operating system must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services as defined in the Ports, Protocols, and Services Management (PPSM) Category Assignments List (CAL) and vulnerability assessments – rules

SLES-15-010100 – The SUSE operating system must be able to lock the graphical user interface (GUI).

SLES-15-010230 – The SUSE operating system must not have duplicate User IDs (UIDs) for interactive users.

SLES-15-010260 – The SUSE operating system must employ FIPS 140-2 approved cryptographic hashing algorithm for system authentication (login.defs).

SLES-15-010270 – The SUSE operating system SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms.

SLES-15-010280 – The SUSE operating system SSH daemon must be configured with a timeout interval.

SLES-15-010300 – The sticky bit must be set on all SUSE operating system world-writable directories.

SLES-15-010310 – The SUSE operating system must be configured to use TCP syncookies.

SLES-15-010320 – The SUSE operating system for all network connections associated with SSH traffic must immediately terminate at the end of the session or after 10 minutes of inactivity.

SLES-15-010330 – All SUSE operating system persistent disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at-rest protection.