Oct 3, 2023 Functional Update- 1.11 Ensure anti-virus is installed and running
|
Sep 19, 2023 Functional Update- 1.1.26 Ensure all world-writable directories are group-owned.
- 1.4.4 Ensure boot loader does not allow removable media
- 1.6.1.10 Ensure system device files are labeled - device_t
- 1.6.1.10 Ensure system device files are labeled - unlabeled_t
- 5.3.36 Ensure no '.shosts' files exist on the system - .shosts files exist on the system
- 5.3.37 Ensure no 'shosts.equiv' files exist on the system - shosts.equiv files exist on the system
- 6.1.10 Ensure no world writable files exist
- 6.1.11 Ensure no unowned files or directories exist
- 6.1.12 Ensure no ungrouped files or directories exist
- 6.1.16 Ensure all world-writable directories are owned by root, sys, bin, or an application User Identifier
- 6.2.20 Ensure that all files and directories contained in local interactive user home directories are owned by the user
- 6.2.21 Ensure local interactive user is a member of the group owner.
- 6.2.22 Ensure users' files and directories within the home directory permissions are 750 or more restrictive
Miscellaneous- Metadata updated.
- References updated.
- Variables updated.
|
Jul 20, 2023 Functional Update- 6.2.12 Ensure users own their home directories
|
May 19, 2023 Functional Update- 1.8.18 Ensure graphical user interface automounter is disabled - automount
- 1.8.18 Ensure graphical user interface automounter is disabled - automount-open
- 1.8.18 Ensure graphical user interface automounter is disabled - automount=false
- 1.8.18 Ensure graphical user interface automounter is disabled - autorun-never
- 1.8.18 Ensure graphical user interface automounter is disabled - autorun-never=true
|
Apr 12, 2023 Functional Update- 5.4.1 Ensure password creation requirements are configured - dcredit
- 5.4.1 Ensure password creation requirements are configured - lcredit
- 5.4.1 Ensure password creation requirements are configured - ocredit
- 5.4.1 Ensure password creation requirements are configured - ucredit
- 5.4.7 Ensure minimum and maximum requirements are set for password changes - difok
- 5.4.7 Ensure minimum and maximum requirements are set for password changes - maxclassrepeat
- 5.4.7 Ensure minimum and maximum requirements are set for password changes - maxrepeat
- 5.4.7 Ensure minimum and maximum requirements are set for password changes - minclass
- 5.4.7 Ensure minimum and maximum requirements are set for password changes - minlen
- 5.5.1.10 Ensure delay between logon prompts on failure
- 5.5.1.2 Ensure minimum days between password changes is configured - login.defs
- 5.5.1.6 Ensure shadow file is configured to use only encrypted representations of passwords
- 5.5.1.7 Ensure password expiration is 60 Day maximum for new users
- 5.5.10 Ensure upon user creation a home directory is assigned.
- 5.5.8 Ensure Default user umask is 077
Miscellaneous- Metadata updated.
- Platform check updated.
- Variables updated.
|
Apr 3, 2023 Functional Update- 1.4.5 Ensure version 7.2 or newer booted with a BIOS have a unique name for the grub superusers account
- 1.8.18 Ensure graphical user interface automounter is disabled - automount
- 1.8.18 Ensure graphical user interface automounter is disabled - automount-open
- 1.8.18 Ensure graphical user interface automounter is disabled - automount-open=false
- 1.8.18 Ensure graphical user interface automounter is disabled - automount=false
- 1.8.18 Ensure graphical user interface automounter is disabled - autorun-never
- 1.8.18 Ensure graphical user interface automounter is disabled - autorun-never=true
- 6.2.13 Ensure users' home directories permissions are 750 or more restrictive
|
Mar 20, 2023 Functional Update- 5.3.10 Ensure SSH IgnoreRhosts is enabled
|
Mar 7, 2023 Miscellaneous- Metadata updated.
- References updated.
|
Jan 4, 2023 Functional Update- 1.12 Ensure host-based intrusion detection tool is used - mcafeetp package
- 1.5.8 Ensure DNS is servers are configured - nameserver 1
- 1.5.8 Ensure DNS is servers are configured - nameserver 2
- 5.2.7 Ensure sudo authentication timeout is configured - sudo command.
- 5.2.8 Ensure users password required for privilege escalation when using sudo - rootpw
- 5.2.8 Ensure users password required for privilege escalation when using sudo - runaspw
- 5.2.8 Ensure users password required for privilege escalation when using sudo - targetpw
- 5.3.28 Ensure SSH IgnoreUserKnownHosts is enabled
- 5.3.30 Ensure SSH does not permit GSSAPI - GSSAPI authentication unless needed.
- 5.3.32 Ensure SSH performs checks of home directory configuration files
|
Dec 7, 2022 |
