File: rule.yml

package info (click to toggle)
scap-security-guide 0.1.65-1
  • links: PTS, VCS
  • area: main
  • in suites: bookworm
  • size: 71,936 kB
  • sloc: xml: 179,374; sh: 69,771; python: 23,819; makefile: 23
file content (51 lines) | stat: -rw-r--r-- 2,175 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
 
documentation_complete: true

# package is unlikely to appear on a RHEL9 system, don't extend to RHEL10
prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,uos20

title: 'Disable Apache Qpid (qpidd)'

description: |-
    The <tt>qpidd</tt> service provides high speed, secure,
    guaranteed delivery services.  It is an implementation of the Advanced Message
    Queuing Protocol.  By default the qpidd service will bind to port 5672 and
    listen for connection attempts.
    {{{ describe_service_disable(service="qpidd") }}}

rationale: |-
    The qpidd service is automatically installed when the <tt>base</tt> package
    selection is selected during installation. The qpidd service listens for
    network connections, which increases the attack surface of the system. If
    the system is not intended to receive AMQP traffic, then the <tt>qpidd</tt>
    service is not needed and should be disabled or removed.

severity: low

identifiers:
    cce@rhel7: CCE-80266-0
    cce@rhel8: CCE-80882-4
    cce@rhel9: CCE-84231-0

references:
    cis-csc: 11,12,14,15,3,8,9
    cobit5: APO13.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.04,DSS05.02,DSS05.03,DSS05.05,DSS06.06
    disa: CCI-000382
    isa-62443-2009: 4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3
    isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 7.1,SR 7.6'
    iso27001-2013: A.11.2.6,A.12.1.2,A.12.5.1,A.12.6.2,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.2,A.14.2.3,A.14.2.4,A.6.2.1,A.6.2.2,A.9.1.2
    nist: CM-7(a),CM-7(b),CM-6(a)
    nist-csf: PR.AC-3,PR.IP-1,PR.PT-3,PR.PT-4

ocil_clause: |-
    {{{ ocil_clause_service_disabled(service="qpidd") }}}

ocil: |-
    {{{ ocil_service_disabled(service="qpidd") }}}

platform: machine

template:
    name: service_disabled
    vars:
        servicename: qpidd
        packagename: qpid-cpp-server