CIS Debian 10 Workstation L1 v2.0.0

Audit Details

Name: CIS Debian 10 Workstation L1 v2.0.0

Updated: 5/7/2024

Authority: CIS

Plugin: Unix

Revision: 1.21

Estimated Item Count: 224

File Details

Filename: CIS_Debian_Linux_10_v2.0.0_L1_Workstation.audit

Size: 835 kB

MD5: ea6c7efc4827fe0fd3a90f77929f23f5

SHA256: 6882545081b838f3058684b3df391e79fa7b98960e8810a72c91c7858984d717

Audit Changelog


Revision 1.21 May 7, 2024 Functional Update 2.1.2.1 Ensure chrony is configured with authorized timeserver 2.1.2.2 Ensure chrony is running as user _chrony 2.1.2.3 Ensure chrony is enabled and running
Revision 1.20 Apr 22, 2024 Functional Update 5.1.2.6 Ensure rsyslog is configured to send logs to a remote log host
Revision 1.19 Apr 10, 2024 Functional Update 1.8.2 Ensure GDM login banner is configured 1.8.3 Ensure GDM disable-user-list option is enabled 1.8.4 Ensure GDM screen locks when the user is idle 1.8.5 Ensure GDM screen locks cannot be overridden 1.8.8 Ensure GDM autorun-never is enabled 1.8.9 Ensure GDM autorun-never is not overridden
Revision 1.18 Mar 18, 2024 Functional Update 4.2.2 Ensure permissions on SSH private host key files are configured 4.2.3 Ensure permissions on SSH public host key files are configured 5.1.3 Ensure all logfiles have appropriate access configured 6.1.11 Ensure world writable files and directories are secured 6.1.12 Ensure no unowned or ungrouped files or directories exist 6.1.13 Ensure SUID and SGID files are reviewed 6.2.12 Ensure local interactive user dot files access is configured Miscellaneous Variables updated.
Revision 1.17 Mar 1, 2024 Functional Update 3.4.1.7 Ensure ufw default deny firewall policy
Revision 1.16 Feb 20, 2024 Functional Update 4.2.5 Ensure SSH LogLevel is appropriate
Revision 1.15 Feb 16, 2024 Functional Update 4.2.20 Ensure SSH LoginGraceTime is set to one minute or less
Revision 1.14 Feb 12, 2024 Functional Update 4.3.1 Ensure sudo is installed
Revision 1.13 Feb 8, 2024 Functional Update 2.4 Ensure nonessential services are removed or masked 3.1.1 Ensure IPv6 status is identified 3.4.1.5 Ensure ufw outbound connections are configured 3.4.2.3 Ensure iptables are flushed with nftables 3.4.2.7 Ensure nftables outbound and established connections are configured 3.4.3.2.3 Ensure iptables outbound and established connections are configured 3.4.3.3.3 Ensure ip6tables outbound and established connections are configured 5.1.1.6 Ensure journald log rotation is configured per site policy 6.1.13 Ensure SUID and SGID files are reviewed Informational Update 6.1.13 Ensure SUID and SGID files are reviewed
Revision 1.12 Jan 29, 2024 Functional Update 3.1.1 Ensure IPv6 status is identified 4.2.12 Ensure SSH X11 forwarding is disabled Informational Update 3.1.1 Ensure IPv6 status is identified Miscellaneous Metadata updated.

Detections

Analytics

CIS Debian 10 Workstation L1 v2.0.0

Audit Details

File Details

Audit Changelog

Revision 1.21

Functional Update

Revision 1.20

Functional Update

Revision 1.19

Functional Update

Revision 1.18

Functional Update

Miscellaneous

Revision 1.17

Functional Update

Revision 1.16

Functional Update

Revision 1.15

Functional Update

Revision 1.14

Functional Update

Revision 1.13

Functional Update

Informational Update

Revision 1.12

Functional Update

Informational Update

Miscellaneous

Detections

Analytics

CIS Debian 10 Workstation L1 v2.0.0 Download File

Audit Details

File Details

Audit Changelog

Functional Update

Functional Update

Functional Update

Functional Update

Miscellaneous

Functional Update

Functional Update

Functional Update

Functional Update

Functional Update

Informational Update

Functional Update

Informational Update

Miscellaneous

CIS Debian 10 Workstation L1 v2.0.0