STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide

V-238374

CAT II (Medium)

The Ubuntu operating system must have an application firewall enabled.

Rule ID

SV-238374r991593_rule

STIG

Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide

Version

V2R4

CCIs

CCI-000366

Discussion

Firewalls protect computers from network attacks by blocking or limiting access to open network ports. Application firewalls limit which applications are allowed to communicate over the network.

Check Content

Verify the Uncomplicated Firewall is enabled on the system by running the following command: 
 
$ systemctl status ufw.service | grep -i "active:" 
 
Active: active (exited) since Mon 2016-10-17 12:30:29 CDT; 1s ago 
 
If the above command returns the status as "inactive", this is a finding. 
 
If the Uncomplicated Firewall is not installed, ask the System Administrator if another application firewall is installed. If no application firewall is installed, this is a finding.

Fix Text

Enable the Uncomplicated Firewall by using the following command: 
 
$ sudo systemctl enable ufw.service  
 
If the Uncomplicated Firewall is not currently running on the system, start it with the following command: 
 
$ sudo systemctl start ufw.service