STIGQter STIGQter: STIG Summary: Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The Ubuntu operating system must enable and run the uncomplicated firewall(ufw).

DISA Rule

SV-219337r610963_rule

Vulnerability Number

V-219337

Group Title

SRG-OS-000297-GPOS-00115

Rule Version

UBTU-18-010507

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Enable the Uncomplicated Firewall by using the following command:

# sudo systemctl enable ufw.service

If the Uncomplicated Firewall is not currently running on the system, start it with the following command:

# sudo systemctl start ufw.service

Check Contents

Verify the Uncomplicated Firewall is enabled on the system by running the following command:

# systemctl is-enabled ufw

If the above command returns the status as "disabled", this is a finding.

Verify the Uncomplicated Firewall is active on the system by running the following command:

# sudo systemctl is-active ufw

If the above command returns 'inactive' or any kind of error, this is a finding.

If the Uncomplicated Firewall is not installed ask the System Administrator if another application firewall is installed.

If no application firewall is installed this is a finding.

Vulnerability Number

V-219337

Documentable

False

Rule Version

UBTU-18-010507

Severity Override Guidance

Verify the Uncomplicated Firewall is enabled on the system by running the following command:

# systemctl is-enabled ufw

If the above command returns the status as "disabled", this is a finding.

Verify the Uncomplicated Firewall is active on the system by running the following command:

# sudo systemctl is-active ufw

If the above command returns 'inactive' or any kind of error, this is a finding.

If the Uncomplicated Firewall is not installed ask the System Administrator if another application firewall is installed.

If no application firewall is installed this is a finding.

Check Content Reference

M

Target Key

4055

Comments