Detections
Analytics

Revision 1.3

Oct 5, 2020
Functional Update
  • 1.1.3 Ensure seperate file system for /tmp
  • 1.4.4 Ensure UEFI requires authentication for single-user and maintenance modes - password
  • 1.4.4 Ensure UEFI requires authentication for single-user and maintenance modes - superusers
  • 1.5.6 Ensure NIST FIPS-validated cryptography is configured - grub
  • 1.5.7 Ensure DNS is servers are configured - empty resolv
  • 1.5.7 Ensure DNS is servers are configured - nameserver 1
  • 1.5.7 Ensure DNS is servers are configured - nameserver 2
  • 1.9 Ensure anti-virus is installed and running
  • 2.1.4 Ensure TFTP daemon is configured to operate in secure mode.
  • 2.2.1.4 Ensure NTP 'maxpoll' is set - maxpoll is set.
  • 2.2.2.1 Ensure the screen package is installed.
  • 2.2.2.10 Ensure screensaver lock-enabled is set.
  • 2.2.2.11 Ensure the screensaver idle-activation-enabled setting
  • 2.2.2.2 Ensure GNOME Screen Lock is Enabled.
  • 2.2.2.3 Ensure GNOME Screensaver period of inactivity is configured.
  • 2.2.2.4 Ensure GNOME Idle activation is set.
  • 2.2.2.5 Ensure GNOME Lock Delay is configured
  • 2.2.2.6 Ensure automatic logon via GUI is not allowed
  • 2.2.2.7 Ensure unrestricted logon is not allowed
  • 2.2.2.8 Ensure overriding the screensaver lock-delay setting is prevented
  • 2.2.2.9 Ensure session idle-delay settings is enforced
  • 2.2.25 Ensure unrestricted mail relaying is prevented.
  • 2.2.26 Ensure ldap_tls_cacert is set for LDAP - config
  • 2.2.26 Ensure ldap_tls_cacert is set for LDAP - file
  • 2.2.27 Ensure ldap_id_use_start_tls is set for LDAP.
  • 2.2.28 Ensure ldap_tls_reqcert is set for LDAP
  • 3.7 Ensure IP tunnels are not configured.
  • 4.1.2.14 Ensure audit of the rmdir syscall - 64 bit
  • 4.1.2.15 Ensure audit of unlink syscall - 64 bit
  • 4.1.2.16 Ensure audit unlinkat syscall - 64 bit
  • 4.1.2.17 Ensure audit of the create_module syscall - 64 bit
  • 4.1.2.18 Ensure audit of the finit_module syscall - 64 bit
  • 4.1.2.25 Ensure audit of the mount command and syscall - 64 bit
  • 4.1.21 Ensure auditing of all privileged functions - setgid 64 bit
  • 4.1.21 Ensure auditing of all privileged functions - setuid 64 bit
  • 4.2.2.6 Ensure rsyslog imudp and imrelp aren't loaded.
  • 4.5 Ensure system notification is sent out when voume is 75% full
  • 5.10 Ensure enable smartcard authentication is set to true
Miscellaneous
  • Platform check updated.