STIGQter STIGQter: STIG Summary: Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 Mar 2021:

The Ubuntu operating system must have an application firewall enabled.

DISA Rule

SV-238374r654297_rule

Vulnerability Number

V-238374

Group Title

SRG-OS-000480-GPOS-00232

Rule Version

UBTU-20-010454

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Enable the Uncomplicated Firewall by using the following command:

$ sudo systemctl enable ufw.service

If the Uncomplicated Firewall is not currently running on the system, start it with the following command:

$ sudo systemctl start ufw.service

Check Contents

Verify the Uncomplicated Firewall is enabled on the system by running the following command:

$ systemctl status ufw.service | grep -i "active:"

Active: active (exited) since Mon 2016-10-17 12:30:29 CDT; 1s ago

If the above command returns the status as "inactive", this is a finding.

If the Uncomplicated Firewall is not installed, ask the System Administrator if another application firewall is installed. If no application firewall is installed, this is a finding.

Vulnerability Number

V-238374

Documentable

False

Rule Version

UBTU-20-010454

Severity Override Guidance

Verify the Uncomplicated Firewall is enabled on the system by running the following command:

$ systemctl status ufw.service | grep -i "active:"

Active: active (exited) since Mon 2016-10-17 12:30:29 CDT; 1s ago

If the above command returns the status as "inactive", this is a finding.

If the Uncomplicated Firewall is not installed, ask the System Administrator if another application firewall is installed. If no application firewall is installed, this is a finding.

Check Content Reference

M

Target Key

5318

Comments