1.1 Use the Latest Package Updates | SYSTEM AND INFORMATION INTEGRITY |
2.1 Disable Local-only Graphical Login Environment | CONFIGURATION MANAGEMENT |
2.2 Configure sendmail Service for Local-Only Mode | |
2.3 Disable RPC Encryption Key | |
2.4 Disable NIS Server Services - domain | |
2.4 Disable NIS Server Services - server | |
2.5 Disable NIS Client Services - client | |
2.5 Disable NIS Client Services - domain | |
2.6 Disable Kerberos TGT Expiration Warning | |
2.7 Disable Generic Security Services (GSS) | |
2.8 Disable Removable Volume Manager - rmvolmgr | |
2.8 Disable Removable Volume Manager - smserver | |
2.9 Disable automount Service | |
2.10 Disable Apache Service | |
2.11 Configure TCP Wrappers - hosts.allow | SYSTEM AND COMMUNICATIONS PROTECTION |
2.11 Configure TCP Wrappers - hosts.deny | SYSTEM AND COMMUNICATIONS PROTECTION |
2.11 Configure TCP Wrappers - inetadm tcp_wrapers = true | SYSTEM AND COMMUNICATIONS PROTECTION |
2.11 Configure TCP Wrappers - svcprop tcp_wrappers false | SYSTEM AND COMMUNICATIONS PROTECTION |
2.12 Disable Telnet Service | |
3.1 Restrict Core Dumps to Protected Directory - /var/share/cores | |
3.1 Restrict Core Dumps to Protected Directory - global core dump logging = enabled | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - global core dumps = enabled | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - global core file content | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - global core file pattern | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - global setid core dumps = enabled | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - init core file content | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - init core file pattern | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - per-process core dumps = disabled | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - per-process setid core dumps = disabled | ACCESS CONTROL |
3.2 Enable Stack Protection - set noexec_user_stack = 1 | SYSTEM AND INFORMATION INTEGRITY |
3.2 Enable Stack Protection - set noexec_user_stack_log = 1 | AUDIT AND ACCOUNTABILITY |
3.3 Enable Strong TCP Sequence Number Generation - TCP_STRONG_ISS = 2 | SYSTEM AND COMMUNICATIONS PROTECTION |
3.4 Disable Source Packet Forwarding - current ipv4 = 0 | SYSTEM AND COMMUNICATIONS PROTECTION |
3.4 Disable Source Packet Forwarding - current ipv6 = 0 | SYSTEM AND COMMUNICATIONS PROTECTION |
3.4 Disable Source Packet Forwarding - persistent ipv4 = 0 | SYSTEM AND COMMUNICATIONS PROTECTION |
3.4 Disable Source Packet Forwarding - persistent ipv6 = 0 | SYSTEM AND COMMUNICATIONS PROTECTION |
3.5 Disable Directed Broadcast Packet Forwarding - current ip = 0 | SYSTEM AND COMMUNICATIONS PROTECTION |
3.5 Disable Directed Broadcast Packet Forwarding - persistent ip = 0 | SYSTEM AND COMMUNICATIONS PROTECTION |
3.6 Disable Response to ICMP Timestamp Requests - current ip = 0 | SYSTEM AND COMMUNICATIONS PROTECTION |
3.6 Disable Response to ICMP Timestamp Requests - persistent ip = 0 | SYSTEM AND COMMUNICATIONS PROTECTION |
3.7 Disable Response to ICMP Broadcast Timestamp Requests - current ip = 0 | SYSTEM AND COMMUNICATIONS PROTECTION |
3.7 Disable Response to ICMP Broadcast Timestamp Requests - persistent ip = 0 | SYSTEM AND COMMUNICATIONS PROTECTION |
3.8 Disable Response to ICMP Broadcast Netmask Requests - current ip = 0 | SYSTEM AND COMMUNICATIONS PROTECTION |
3.8 Disable Response to ICMP Broadcast Netmask Requests - persistent ip = 0 | SYSTEM AND COMMUNICATIONS PROTECTION |
3.9 Disable Response to Broadcast ICMPv4 Echo Request - current ip = 0 | SYSTEM AND COMMUNICATIONS PROTECTION |
3.9 Disable Response to Broadcast ICMPv4 Echo Request - persistent ip = 0 | SYSTEM AND COMMUNICATIONS PROTECTION |
3.10 Disable Response to Multicast Echo Request - current ipv4 = 0 | SYSTEM AND COMMUNICATIONS PROTECTION |
3.10 Disable Response to Multicast Echo Request - current ipv6 = 0 | SYSTEM AND COMMUNICATIONS PROTECTION |
3.10 Disable Response to Multicast Echo Request - persistent ipv4 = 0 | SYSTEM AND COMMUNICATIONS PROTECTION |
3.10 Disable Response to Multicast Echo Request - persistent ipv6 = 0 | SYSTEM AND COMMUNICATIONS PROTECTION |