Nov 14, 2022 Functional Update- 4.1.21 Ensure auditing of all privileged functions - setgid 32 bit
- 4.1.21 Ensure auditing of all privileged functions - setgid 64 bit
- 4.1.21 Ensure auditing of all privileged functions - setuid 32 bit
- 4.1.21 Ensure auditing of all privileged functions - setuid 64 bit
|
Oct 18, 2022 Functional Update- 1.3.3 Ensure AIDE is configured to verify ACLs
- 1.3.4 Ensure AIDE is configured to verify XATTRS
- 1.3.5 Ensure AIDE is configured to use FIPS 140-2
- 4.5 Ensure system notification is sent out when voume is 75% full
Informational Update- 1.1.21 Ensure all world-writable directories are group-owned.
- 1.3.3 Ensure AIDE is configured to verify ACLs
- 1.3.4 Ensure AIDE is configured to verify XATTRS
- 1.3.5 Ensure AIDE is configured to use FIPS 140-2
Added- 1.1.3 Ensure separate file system for /tmp
- 1.10 Ensure required packages for multifactor authentication are installed - esc
- 1.10 Ensure required packages for multifactor authentication are installed - pam_pkcs11
- 4.1.2.10 Ensure audit ssh-keysign command.
Removed- 1.1.3 Ensure seperate file system for /tmp
- 1.10 Ensure required packages for multifactor atuentication are installed - esc
- 1.10 Ensure required packages for multifactor atuentication are installed - pam_pkcs11
- 4.1.2.10 Enusre audit ssh-keysign command.
|
Apr 25, 2022 |
Mar 29, 2022 Miscellaneous- Metadata updated.
- References updated.
|
Mar 1, 2022 Informational Update- 6.2.20 Ensure all local interactive user home directories are group-owned
Miscellaneous- Metadata updated.
- References updated.
Added- 4.8 Ensure off-load of audit logs - direction
Removed- 4.8 Enure off-load of audit logs - direction
|
Jun 17, 2021 Miscellaneous- Metadata updated.
- References updated.
|
Dec 14, 2020 Functional Update- 6.2.25 Ensure users' 'dot' files have '0740' or less set.
|
Oct 5, 2020 Functional Update- 1.1.3 Ensure seperate file system for /tmp
- 1.4.4 Ensure UEFI requires authentication for single-user and maintenance modes - password
- 1.4.4 Ensure UEFI requires authentication for single-user and maintenance modes - superusers
- 1.5.6 Ensure NIST FIPS-validated cryptography is configured - grub
- 1.5.7 Ensure DNS is servers are configured - empty resolv
- 1.5.7 Ensure DNS is servers are configured - nameserver 1
- 1.5.7 Ensure DNS is servers are configured - nameserver 2
- 1.9 Ensure anti-virus is installed and running
- 2.1.4 Ensure TFTP daemon is configured to operate in secure mode.
- 2.2.1.4 Ensure NTP 'maxpoll' is set - maxpoll is set.
- 2.2.2.1 Ensure the screen package is installed.
- 2.2.2.10 Ensure screensaver lock-enabled is set.
- 2.2.2.11 Ensure the screensaver idle-activation-enabled setting
- 2.2.2.2 Ensure GNOME Screen Lock is Enabled.
- 2.2.2.3 Ensure GNOME Screensaver period of inactivity is configured.
- 2.2.2.4 Ensure GNOME Idle activation is set.
- 2.2.2.5 Ensure GNOME Lock Delay is configured
- 2.2.2.6 Ensure automatic logon via GUI is not allowed
- 2.2.2.7 Ensure unrestricted logon is not allowed
- 2.2.2.8 Ensure overriding the screensaver lock-delay setting is prevented
- 2.2.2.9 Ensure session idle-delay settings is enforced
- 2.2.25 Ensure unrestricted mail relaying is prevented.
- 2.2.26 Ensure ldap_tls_cacert is set for LDAP - config
- 2.2.26 Ensure ldap_tls_cacert is set for LDAP - file
- 2.2.27 Ensure ldap_id_use_start_tls is set for LDAP.
- 2.2.28 Ensure ldap_tls_reqcert is set for LDAP
- 3.7 Ensure IP tunnels are not configured.
- 4.1.2.14 Ensure audit of the rmdir syscall - 64 bit
- 4.1.2.15 Ensure audit of unlink syscall - 64 bit
- 4.1.2.16 Ensure audit unlinkat syscall - 64 bit
- 4.1.2.17 Ensure audit of the create_module syscall - 64 bit
- 4.1.2.18 Ensure audit of the finit_module syscall - 64 bit
- 4.1.2.25 Ensure audit of the mount command and syscall - 64 bit
- 4.1.21 Ensure auditing of all privileged functions - setgid 64 bit
- 4.1.21 Ensure auditing of all privileged functions - setuid 64 bit
- 4.2.2.6 Ensure rsyslog imudp and imrelp aren't loaded.
- 4.5 Ensure system notification is sent out when voume is 75% full
- 5.10 Ensure enable smartcard authentication is set to true
|
Sep 30, 2020 Functional Update- 5.4.10 Ensure default user umask is 077
|
Sep 29, 2020 |
