← Back to Home 📄 View Raw XML

🔍 OSCAP Scan Result - Primary web server running Ubuntu 24.04 LTS

Target System: ubuntu-web-01.example.com
IP Address: 192.168.1.101
OS: Ubuntu 24.04 LTS
Scan Start: 2026-05-07T21:16:56.232025
Scan End: 2026-05-07T21:26:56.232025

77

Passed

16

Failed

0

Other

Rule Check Results

Rule ID	Result	Severity	Message
`accounts_password_pam_unix_enabled`	FAIL	MEDIUM	Check failed: accounts_password_pam_unix_enabled
`accounts_root_gid_zero`	FAIL	MEDIUM	Check failed: accounts_root_gid_zero
`accounts_umask_etc_bashrc`	FAIL	LOW	Check failed: accounts_umask_etc_bashrc
`accounts_umask_etc_login_defs`	PASS	LOW	-
`accounts_umask_etc_profile`	PASS	HIGH	-
`accounts_umask_root`	PASS	LOW	-
`ensure_pam_wheel_group_empty`	PASS	HIGH	-
`ensure_root_access_controlled`	PASS	LOW	-
`file_groupowner_sshd_config`	PASS	LOW	-
`file_owner_sshd_config`	PASS	LOW	-
`file_permissions_sshd_config`	PASS	HIGH	-
`file_permissions_sshd_private_key`	PASS	LOW	-
`file_permissions_sshd_pub_key`	PASS	HIGH	-
`groups_no_zero_gid_except_root`	PASS	MEDIUM	-
`no_invalid_shell_accounts_unlocked`	PASS	HIGH	-
`no_shelllogin_for_systemaccounts`	PASS	MEDIUM	-
`sshd_limit_user_access`	PASS	HIGH	-
`use_pam_wheel_group_for_su`	PASS	MEDIUM	-
`sshd_use_strong_ciphers`	PASS	LOW	-
`sshd_use_strong_kex`	FAIL	MEDIUM	Check failed: sshd_use_strong_kex
`sshd_use_strong_macs`	PASS	LOW	-
`accounts_password_pam_pwhistory_use_authtok`	PASS	LOW	-
`accounts_password_pam_unix_authtok`	PASS	LOW	-
`set_password_hashing_algorithm_logindefs`	FAIL	LOW	Check failed: set_password_hashing_algorithm_logindefs
`set_password_hashing_algorithm_systemauth`	PASS	LOW	-
`account_disable_post_pw_expiration`	PASS	MEDIUM	-
`accounts_maximum_age_login_defs`	PASS	MEDIUM	-
`accounts_minimum_age_login_defs`	PASS	LOW	-
`accounts_password_last_change_is_in_past`	FAIL	LOW	Check failed: accounts_password_last_change_is_in_past
`accounts_password_pam_dcredit`	PASS	LOW	-
`accounts_password_pam_dictcheck`	PASS	MEDIUM	-
`accounts_password_pam_difok`	PASS	HIGH	-
`accounts_password_pam_enforce_root`	PASS	HIGH	-
`accounts_password_pam_enforcing`	PASS	MEDIUM	-
`accounts_password_pam_lcredit`	PASS	LOW	-
`accounts_password_pam_maxrepeat`	PASS	HIGH	-
`accounts_password_pam_maxsequence`	PASS	MEDIUM	-
`accounts_password_pam_minclass`	FAIL	HIGH	Check failed: accounts_password_pam_minclass
`accounts_password_pam_minlen`	PASS	MEDIUM	-
`accounts_password_pam_ocredit`	PASS	HIGH	-
`accounts_password_pam_pwhistory_enabled`	PASS	LOW	-
`accounts_password_pam_pwhistory_enforce_root`	PASS	MEDIUM	-
`accounts_password_pam_pwhistory_remember`	PASS	MEDIUM	-
`accounts_password_pam_pwquality_enabled`	PASS	MEDIUM	-
`accounts_password_pam_ucredit`	FAIL	HIGH	Check failed: accounts_password_pam_ucredit
`accounts_password_pam_unix_no_remember`	PASS	LOW	-
`accounts_password_set_max_life_existing`	PASS	HIGH	-
`accounts_password_set_min_life_existing`	PASS	LOW	-
`no_empty_passwords_unix`	PASS	MEDIUM	-
`sshd_disable_empty_passwords`	PASS	MEDIUM	-
`sshd_disable_gssapi_auth`	PASS	LOW	-
`sshd_disable_rhosts`	PASS	HIGH	-
`sshd_enable_pam`	PASS	MEDIUM	-
`accounts_password_warn_age_login_defs`	PASS	HIGH	-
`sshd_disable_forwarding`	PASS	MEDIUM	-
`accounts_tmout`	PASS	HIGH	-
`package_sudo_installed`	PASS	MEDIUM	-
`sshd_disable_root_login`	PASS	MEDIUM	-
`sudo_add_use_pty`	PASS	HIGH	-
`sudo_remove_no_authenticate`	FAIL	LOW	Check failed: sudo_remove_no_authenticate
`sudo_require_authentication`	PASS	HIGH	-
`sudo_require_reauthentication`	PASS	LOW	-
`accounts_passwords_pam_faillock_deny`	PASS	MEDIUM	-
`accounts_passwords_pam_faillock_enabled`	FAIL	MEDIUM	Check failed: accounts_passwords_pam_faillock_enabled
`accounts_passwords_pam_faillock_root_unlock_time`	PASS	LOW	-
`accounts_passwords_pam_faillock_unlock_time`	PASS	MEDIUM	-
`sshd_set_loglevel_info`	FAIL	LOW	Check failed: sshd_set_loglevel_info
`sshd_set_max_auth_tries`	PASS	MEDIUM	-
`sudo_custom_logfile`	FAIL	HIGH	Check failed: sudo_custom_logfile
`account_automated_provisioning_enabled`	FAIL	LOW	Check failed: account_automated_provisioning_enabled
`account_temporary_expiration_configured`	PASS	HIGH	-
`account_disable_inactive_accounts`	PASS	LOW	-
`sudo_security_function_authorization`	PASS	HIGH	-
`service_nonprivileged_user_execution`	PASS	LOW	-
`screen_lock_timeout_configured`	PASS	MEDIUM	-
`screen_lock_pattern_hiding_enabled`	FAIL	HIGH	Check failed: screen_lock_pattern_hiding_enabled
`sshd_logging_enabled`	PASS	LOW	-
`auditd_extended_information_enabled`	PASS	HIGH	-
`log_analysis_tool_configured`	PASS	HIGH	-
`change_control_documentation_required`	FAIL	LOW	Check failed: change_control_documentation_required
`service_periodic_review_enabled`	FAIL	HIGH	Check failed: service_periodic_review_enabled
`package_update_automation_configured`	PASS	LOW	-
`intrusion_detection_tool_installed`	PASS	LOW	-
`encrypted_traffic_inspection_configured`	PASS	HIGH	-
`privileged_command_network_restriction`	PASS	HIGH	-
`concurrent_session_limit_configured`	PASS	LOW	-
`auditd_storage_threshold_alert`	PASS	HIGH	-
`auditd_realtime_alerts_enabled`	PASS	HIGH	-
`centralized_logging_configured`	PASS	HIGH	-
`audit_logs_remote_storage`	PASS	LOW	-
`audit_logs_encrypted`	PASS	HIGH	-
`critical_action_signing_enabled`	PASS	HIGH	-
`time_synchronization_configured`	PASS	LOW	-