CIS AlmaLinux OS 8 Server L1 v2.0.0

Audit Details

Name: CIS AlmaLinux OS 8 Server L1 v2.0.0

Updated: 11/28/2022

Authority: CIS

Plugin: Unix

Revision: 1.2

Estimated Item Count: 343

File Details

Filename: CIS_AlmaLinux_OS_8_Server_v2.0.0_L1.audit

Size: 936 kB

MD5: 8eb373aedd97e8d8f8d2e1782ab5d030
SHA256: da648869d0c54f97246cb4ca161faa8e87517d20271f58af9bde1d59d843bfba

Audit Changelog

 
Revision 1.2

Nov 28, 2022

Functional Update
  • 3.4.1.3 Ensure nftables either not installed or masked with firewalld - masked
  • 4.2.1.6 Ensure rsyslog is configured to send logs to a remote log host
  • 5.2.10 Ensure SSH PermitUserEnvironment is disabled - sshd output
  • 5.2.11 Ensure SSH IgnoreRhosts is enabled - sshd output
  • 5.2.15 Ensure SSH warning banner is configured
  • 5.2.16 Ensure SSH MaxAuthTries is set to 4 or less - sshd output
  • 5.2.19 Ensure SSH LoginGraceTime is set to one minute or less - sshd output
  • 5.2.20 Ensure SSH Idle Timeout Interval is configured - ClientAliveCountMax sshd output
  • 5.2.20 Ensure SSH Idle Timeout Interval is configured - ClientAliveInterval sshd output
  • 5.2.4 Ensure SSH access is limited - sshd output
  • 5.2.5 Ensure SSH LogLevel is appropriate - sshd output
  • 5.2.6 Ensure SSH PAM is enabled - sshd output
  • 5.2.7 Ensure SSH root login is disabled - sshd output
  • 5.2.8 Ensure SSH HostbasedAuthentication is disabled - sshd output
  • 5.2.9 Ensure SSH PermitEmptyPasswords is disabled - sshd output
Revision 1.1

Sep 19, 2022

Functional Update
  • 3.4.1.3 Ensure nftables either not installed or masked with firewalld - masked
  • 4.2.1.6 Ensure rsyslog is configured to send logs to a remote log host
  • 5.6.1.5 Ensure all users last password change date is in the past
Revision 1.0

Aug 9, 2022

Functional Update
  • 3.4.1.3 Ensure nftables either not installed or masked with firewalld - masked
  • 4.2.1.6 Ensure rsyslog is configured to send logs to a remote log host