Title

Ubuntu OS must have an application firewall enabled. (Cat II impact)

Discussion

Firewalls protect computers from network attacks by blocking or limiting access to open network ports. Application firewalls limit which applications are allowed to communicate over the network.

Check Content

Verify the Uncomplicated Firewall (ufw) is enabled on the system with the following command: $ systemctl status ufw.service | grep -i "active:" Active: active (exited) since Thu 2022-12-25 00:00:01 NZTD; 365 days 11h ago If "ufw.service" is "inactive", this is a finding. If the ufw is not installed, ask the system administrator if another application firewall is installed. If no application firewall is installed, this is a finding.

Fix Text

Enable and start the ufw by using the following command: $ sudo systemctl enable ufw.service --now

Additional Identifiers

Rule ID: SV-275610r1147880_rule

Vulnerability ID: V-275610

Group Title: SRG-OS-000480-GPOS-00232

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.