Oct 31, 2025 Functional Update- 1.8.10 Ensure XDCMP is not enabled
- 2.1.1.1 Ensure a single time synchronization daemon is in use
- 4.2.10 Ensure SSH PermitUserEnvironment is disabled
- 4.2.12 Ensure SSH X11 forwarding is disabled
- 4.2.19 Ensure SSH MaxStartups is configured
- 4.2.2 Ensure permissions on SSH private host key files are configured
- 4.2.20 Ensure SSH LoginGraceTime is set to one minute or less
- 4.2.22 Ensure SSH Idle Timeout Interval is configured
- 4.2.3 Ensure permissions on SSH public host key files are configured
- 4.2.4 Ensure SSH access is limited
- 4.2.6 Ensure SSH PAM is enabled
- 4.2.8 Ensure SSH HostbasedAuthentication is disabled
- 5.1.2.1 Ensure rsyslog is installed
- 5.1.2.2 Ensure rsyslog service is enabled
- 5.1.2.7 Ensure rsyslog is not configured to receive logs from a remote client
Miscellaneous- Metadata updated.
- Platform check updated.
- Variables updated.
Added- CIS_Debian_Linux_10_v2.0.0_L1_Workstation.audit from CIS Debian Linux 10 Benchmark v2.0.0
Removed- CIS_Debian_Linux_10_v2.0.0_L1_Workstation.audit from CIS Debian Linux 10 Benchmark
|
Jun 16, 2025 Functional Update- 6.1.5 Ensure permissions on /etc/shadow are configured
|
Apr 7, 2025 Functional Update- 2.1.1.1 Ensure a single time synchronization daemon is in use
|
Mar 31, 2025 Functional Update- 6.1.6 Ensure permissions on /etc/shadow- are configured
|
Jan 6, 2025 Informational Update- 1.1.1.1 Ensure mounting of cramfs filesystems is disabled
- 1.1.1.2 Ensure mounting of freevxfs filesystems is disabled
- 1.1.1.3 Ensure mounting of jffs2 filesystems is disabled
- 1.1.1.4 Ensure mounting of hfs filesystems is disabled
- 1.1.1.5 Ensure mounting of hfsplus filesystems is disabled
- 1.8.2 Ensure GDM login banner is configured
- 1.8.5 Ensure GDM screen locks cannot be overridden
- 1.8.8 Ensure GDM autorun-never is enabled
- 1.8.9 Ensure GDM autorun-never is not overridden
- 2.1.3.1 Ensure systemd-timesyncd configured with authorized timeserver
- 4.1.8 Ensure cron is restricted to authorized users
- 4.1.9 Ensure at is restricted to authorized users
- 4.2.2 Ensure permissions on SSH private host key files are configured
- 4.2.3 Ensure permissions on SSH public host key files are configured
- 4.4.5 Ensure all current passwords uses the configured hashing algorithm
- 4.5.2 Ensure system accounts are secured
- 5.1.3 Ensure all logfiles have appropriate access configured
- 6.1.10 Ensure permissions on /etc/opasswd are configured
- 6.1.11 Ensure world writable files and directories are secured
- 6.2.11 Ensure local interactive user home directories are configured
- 6.2.12 Ensure local interactive user dot files access is configured
|
Dec 27, 2024 Functional Update- 1.5.4 Ensure Automatic Error Reporting is not enabled
|
Nov 6, 2024 Functional Update- 6.1.11 Ensure world writable files and directories are secured
- 6.1.12 Ensure no unowned or ungrouped files or directories exist
- 6.1.13 Ensure SUID and SGID files are reviewed
|
Aug 26, 2024 Functional Update- 1.4.3 Ensure authentication required for single user mode
- 4.5.5 Ensure default user shell timeout is configured
|
Jul 31, 2024 |
Jun 17, 2024 |
