Skip to content

Ubuntu CIS Phase-3 Template #12419

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Ubuntu CIS Phase-3 Template #12419

wants to merge 1 commit into from
+506 −0

Conversation

Th3l0newolf
Copy link
Contributor

@Th3l0newolf Th3l0newolf commented Jun 19, 2025
edited
Loading

more templates

Template / PR Information

Phase 3 Ubuntu CIS template for Ubuntu 24.04 LTS

  • ftp-client-check
  • inactive-password-lock-default-check
  • ldap-client-check
  • nis-client-check
  • password-expiration-check
  • password-min-days-check
  • password-warn-age-check
  • ssh-rsh-client-check
  • strong-password-hashing-check
  • talk-client-check
  • telnet-client-check

Template Validation

I've validated this template locally?

  • YES

ftp-client-check

inactive-password-lock-default-check

ldap-client-check

nis-client-check

password-expiration-check

password-min-days-check

password-warn-age-check

rsh-client-check

strong-password-hashing-check

talk-client-check

telnet-client-check

Additional Details (leave it blank if not applicable)

Additional References:

@Th3l0newolf
Ubuntu Phase 3
52ce64e 
more templates
@princechaddha
Copy link
Member

Automated PR Review (Experimental)

Thank you for your contribution, Th3l0newolf! You can join our Discord server. It's a great place to connect with fellow contributors and stay updated with the latest developments. Thank you once again.

Required Fixes

  • In the id field for the rsh-client-check template, change the identifier from ssh-rsh-client-check to rsh-client-check to match the filename.

Other Suggestions

  1. Consider adding more context in the description fields for the templates. Although they provide a brief summary of security risks, a little more detail about why these specific checks are important might enhance understanding for users unfamiliar with the topics.
  2. It may be helpful to include self-contained: true only if it can be run in isolation without dependencies on external files or configurations, ensure that usage matches this requirement.
  3. For consistency and clarity, keep an eye on capitalization — “CIS_PASS” and “CIS_FAIL” are capitalized throughout, which is good. Just ensure it's consistent in similar fields across all templates.
  4. Review all the severity levels to ensure they align correctly with the impact. For instance, make sure "medium" and "high" ratings reflect their actual risk levels as per best practices or available CVSS scores.
  5. Consider briefly mentioning any potential impact in the remediation sections for a deeper understanding of the actions users should take.

As a side note, I am an AI Template bot, and the team will review the PR shortly. Happy coding!

@pussycat0x pussycat0x self-assigned this Jun 19, 2025
@pussycat0x pussycat0x added the Status: In Progress This issue is being worked on, and has someone assigned. label Jun 19, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@pussycat0x pussycat0x

Labels
Status: In Progress This issue is being worked on, and has someone assigned.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Th3l0newolf @princechaddha @pussycat0x