CIS Oracle Linux 8 Server L1 v1.0.1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Oracle Linux 8 Server L1 v1.0.1

Updated: 10/4/2022

Authority: Operating Systems and Applications

Plugin: Unix

Revision: 1.8

Estimated Item Count: 307

File Details

Filename: CIS_Oracle_Linux_8_Server_L1_v1.0.1.audit

Size: 599 kB

MD5: 79c0ad0a35321fec7b84fc751393427d
SHA256: a0425fbfab45b2bceb3532e2ee4dbb1417840b5213b86729a7d534124e7fc608

Audit Changelog

 
Revision 1.8

Oct 4, 2022

Informational Update
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain FORWARD
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain INPUT
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain OUTPUT
  • 3.4.4.2.2 Ensure ip6tables loopback traffic is configured - Chain INPUT
  • 3.4.4.2.2 Ensure ip6tables loopback traffic is configured - Chain OUTPUT
  • 3.4.4.2.3 Ensure ip6tables outbound and established connections are configured
  • 3.4.4.2.4 Ensure ip6tables firewall rules exist for all open ports
Revision 1.7

Sep 30, 2022

Informational Update
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain FORWARD
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain INPUT
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain OUTPUT
  • 3.4.4.2.2 Ensure ip6tables loopback traffic is configured - Chain INPUT
  • 3.4.4.2.2 Ensure ip6tables loopback traffic is configured - Chain OUTPUT
  • 3.4.4.2.3 Ensure ip6tables outbound and established connections are configured
  • 3.4.4.2.4 Ensure ip6tables firewall rules exist for all open ports
Revision 1.6

Sep 30, 2022

Informational Update
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain FORWARD
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain INPUT
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain OUTPUT
  • 3.4.4.2.2 Ensure ip6tables loopback traffic is configured - Chain INPUT
  • 3.4.4.2.2 Ensure ip6tables loopback traffic is configured - Chain OUTPUT
  • 3.4.4.2.3 Ensure ip6tables outbound and established connections are configured
  • 3.4.4.2.4 Ensure ip6tables firewall rules exist for all open ports
Miscellaneous
  • Audit deprecated.
  • Metadata updated.
  • References updated.
Revision 1.5

Sep 19, 2022

Functional Update
  • 5.5.1.5 Ensure all users last password change date is in the past
Informational Update
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain FORWARD
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain INPUT
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain OUTPUT
  • 3.4.4.2.2 Ensure ip6tables loopback traffic is configured - Chain INPUT
  • 3.4.4.2.2 Ensure ip6tables loopback traffic is configured - Chain OUTPUT
  • 3.4.4.2.3 Ensure ip6tables outbound and established connections are configured
  • 3.4.4.2.4 Ensure ip6tables firewall rules exist for all open ports
Miscellaneous
  • References updated.
Revision 1.4

Jun 3, 2022

Functional Update
  • 1.4.2 Ensure filesystem integrity is regularly checked - systemctl status aidecheck.timer
  • 6.2.7 Ensure users' home directories permissions are 750 or more restrictive
Informational Update
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain FORWARD
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain INPUT
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain OUTPUT
  • 3.4.4.2.2 Ensure ip6tables loopback traffic is configured - Chain INPUT
  • 3.4.4.2.2 Ensure ip6tables loopback traffic is configured - Chain OUTPUT
  • 3.4.4.2.3 Ensure ip6tables outbound and established connections are configured
  • 3.4.4.2.4 Ensure ip6tables firewall rules exist for all open ports
Revision 1.3

May 11, 2022

Functional Update
  • 1.1.22 Disable Automounting
  • 2.2.10 Ensure FTP Server is not enabled
  • 2.2.11 Ensure DNS Server is not enabled
  • 2.2.12 Ensure NFS is not enabled
  • 2.2.14 Ensure LDAP server is not enabled
  • 2.2.15 Ensure DHCP Server is not enabled
  • 2.2.16 Ensure CUPS is not enabled
  • 2.2.17 Ensure NIS Server is not enabled
  • 2.2.4 Ensure Avahi Server is not enabled - service
  • 2.2.4 Ensure Avahi Server is not enabled - socket
  • 2.2.5 Ensure SNMP Server is not enabled
  • 2.2.6 Ensure HTTP Proxy Server is not enabled
  • 2.2.7 Ensure Samba is not enabled
  • 2.2.8 Ensure IMAP and POP3 server is not enabled
  • 2.2.9 Ensure HTTP server is not enabled
Informational Update
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain FORWARD
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain INPUT
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain OUTPUT
  • 3.4.4.2.2 Ensure ip6tables loopback traffic is configured - Chain INPUT
  • 3.4.4.2.2 Ensure ip6tables loopback traffic is configured - Chain OUTPUT
  • 3.4.4.2.3 Ensure ip6tables outbound and established connections are configured
  • 3.4.4.2.4 Ensure ip6tables firewall rules exist for all open ports
Revision 1.2

Apr 25, 2022

Informational Update
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain FORWARD
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain INPUT
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain OUTPUT
  • 3.4.4.2.2 Ensure ip6tables loopback traffic is configured - Chain INPUT
  • 3.4.4.2.2 Ensure ip6tables loopback traffic is configured - Chain OUTPUT
  • 3.4.4.2.3 Ensure ip6tables outbound and established connections are configured
  • 3.4.4.2.4 Ensure ip6tables firewall rules exist for all open ports
Miscellaneous
  • Variables updated.
Revision 1.1

Mar 29, 2022

Informational Update
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain FORWARD
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain INPUT
  • 3.4.4.2.1 Ensure ip6tables default deny firewall policy - Chain OUTPUT
  • 3.4.4.2.2 Ensure ip6tables loopback traffic is configured - Chain INPUT
  • 3.4.4.2.2 Ensure ip6tables loopback traffic is configured - Chain OUTPUT
  • 3.4.4.2.3 Ensure ip6tables outbound and established connections are configured
  • 3.4.4.2.4 Ensure ip6tables firewall rules exist for all open ports
Miscellaneous
  • Metadata updated.
  • References updated.