U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

  1. Checklist Repository

CIS Debian Benchmark v1.0.0 Checklist Details (Checklist Revisions)

Supporting Resources:

Target:

Target CPE Name
Debian Linux cpe:/o:debian:debian_linux (View CVEs)

Checklist Highlights

Checklist Name:
CIS Debian Benchmark
Checklist ID:
273
Version:
v1.0.0
Type:
Compliance
Review Status:
Archived
Authority:
Third Party: Center for Internet Security (CIS)
Original Publication Date:
08/01/2007

Checklist Summary:

This checklist benchmark is provided by Center for Internet Security (CIS) in order to implement Debian Linux. The guidelines presented in this document cover pre-installation, and installation recommendations.

Checklist Role:

  • Operating System

Known Issues:

Not provided.

Target Audience:

Debian Administrators

Target Operational Environment:

  • Managed

Testing Information:

Pages 8,9, and 10 of this checklist describe detailed testing guidelines.

Regulatory Compliance:

Not provided.

Comments/Warnings/Miscellaneous:

Not provided.

Disclaimer:

The Center for Internet Security ("CIS") provides benchmarks, scoring tools, software, data, information, suggestions, ideas, and other services and materials from the CIS website or elsewhere ("Products") as a public service to Internet users worldwide. Recommendations contained in the Products ("Recommendations") result from a consensus-building process that involves many security experts and are generally generic in nature. The Recommendations are intended to provide helpful information to organizations attempting to evaluate or improve the security of their networks, systems, and devices. Proper use of the Recommendations requires careful analysis and adaptation to specific user requirements. The Recommendations are not in any way intended to be a "quick fix" for anyone's information security needs. CIS makes no representations, warranties, or covenants whatsoever as to (i) the positive or negative effect of the Products or the Recommendations on the operation or the security of any particular network, computer system, network device, software, hardware, or any component of any of the foregoing or (ii) the accuracy, reliability, timeliness, or completeness of the Products or the Recommendations. CIS is providing the Products and the Recommendations "as is" and "as available" without representations, warranties, or covenants of any kind.

Product Support:

http://www.debian.org/support

Point of Contact:

cis-feedback@cisecurity.org

Sponsor:

http://www.cisecurity.org/

Licensing:

http://www.debian.org/social_contract#guidelines The Debian Free Software Guidelines (DFSG) 1. Free Redistribution The license of a Debian component may not restrict any party from selling or giving away the software as a component of an aggregate software distribution containing programs from several different sources. The license may not require a royalty or other fee for such sale. 2. Source Code The program must include source code, and must allow distribution in source code as well as compiled form. 3. Derived Works The license must allow modifications and derived works, and must allow them to be distributed under the same terms as the license of the original software. 4. Integrity of The Author's Source Code The license may restrict source-code from being distributed in modified form _only_ if the license allows the distribution of "patch files" with the source code for the purpose of modifying the program at build time. The license must explicitly permit distribution of software built from modified source code. The license may require derived works to carry a different name or version number from the original software. (This is a compromise. The Debian group encourages all authors not to restrict any files, source or binary, from being modified.) 5. No Discrimination Against Persons or Groups The license must not discriminate against any person or group of persons. 6. No Discrimination Against Fields of Endeavor The license must not restrict anyone from making use of the program in a specific field of endeavor. For example, it may not restrict the program from being used in a business, or from being used for genetic research. 7. Distribution of License The rights attached to the program must apply to all to whom the program is redistributed without the need for execution of an additional license by those parties. 8. License Must Not Be Specific to Debian The rights attached to the program must not depend on the program's being part of a Debian system. If the program is extracted from Debian and used or distributed without Debian but otherwise within the terms of the program's license, all parties to whom the program is redistributed should have the same rights as those that are granted in conjunction with the Debian system. 9. License Must Not Contaminate Other Software The license must not place restrictions on other software that is distributed along with the licensed software. For example, the license must not insist that all other programs distributed on the same medium must be free software. 10. Example Licenses The "GPL", "BSD", and "Artistic" licenses are examples of licenses that we consider "free".

Change History: 

Updated URL - 7/26/19
updated status to archived - 2/23/24

Dependency/Requirements:

URL Description

References:

Reference URL Description

NIST checklist record last modified on 02/23/2024