Detections
Analytics

Revision 1.25

Dec 7, 2022
Functional Update
  • 2.11 Configure TCP Wrappers - inetadm tcp_wrapers = true
  • 3.10 Disable Response to Multicast Echo Request - current ipv4 = 0
  • 3.10 Disable Response to Multicast Echo Request - current ipv6 = 0
  • 3.10 Disable Response to Multicast Echo Request - persistent ipv4 = 0
  • 3.10 Disable Response to Multicast Echo Request - persistent ipv6 = 0
  • 3.11 Ignore ICMP Redirect Messages - current ipv6 = 1
  • 3.11 Ignore ICMP Redirect Messages - persistent ipv4 = 1
  • 3.11 Ignore ICMP Redirect Messages - persistent ipv6 = 1
  • 3.11 Ignore ICMP Redirect Messages - current ipv4 = 1
  • 3.12 Set Strict Multihoming - current ipv4 = 1
  • 3.12 Set Strict Multihoming - persistent ipv4 = 1
  • 3.12 Set Strict Multihoming - current ipv6 = 1
  • 3.12 Set Strict Multihoming - persistent ipv6 = 1
  • 3.13 Disable ICMP Redirect Messages - current ipv4 = off
  • 3.13 Disable ICMP Redirect Messages - current ipv6 = off
  • 3.13 Disable ICMP Redirect Messages - persistent ipv4 = off
  • 3.13 Disable ICMP Redirect Messages - persistent ipv6 = off
  • 3.14 Disable TCP Reverse IP Source Routing - current tcp = 0
  • 3.14 Disable TCP Reverse IP Source Routing - persistent tcp = 0
  • 3.15 Set Maximum Number of Half-open TCP Connections - current tcp = 4096
  • 3.15 Set Maximum Number of Half-open TCP Connections - persistent tcp = 4096
  • 3.16 Set Maximum Number of Incoming Connections - current tcp = 1024
  • 3.16 Set Maximum Number of Incoming Connections - persistent tcp = 1024
  • 3.4 Disable Source Packet Forwarding - persistent ipv4 = 0
  • 3.4 Disable Source Packet Forwarding - current ipv4 = 0
  • 3.4 Disable Source Packet Forwarding - current ipv6 = 0
  • 3.4 Disable Source Packet Forwarding - persistent ipv6 = 0
  • 3.5 Disable Directed Broadcast Packet Forwarding - current ip = 0
  • 3.5 Disable Directed Broadcast Packet Forwarding - persistent ip = 0
  • 3.6 Disable Response to ICMP Timestamp Requests - current ip = 0
  • 3.6 Disable Response to ICMP Timestamp Requests - persistent ip = 0
  • 3.7 Disable Response to ICMP Broadcast Timestamp Requests - current ip = 0
  • 3.7 Disable Response to ICMP Broadcast Timestamp Requests - persistent ip = 0
  • 3.8 Disable Response to ICMP Broadcast Netmask Requests - persistent ip = 0
  • 3.8 Disable Response to ICMP Broadcast Netmask Requests - current ip = 0
  • 3.9 Disable Response to Broadcast ICMPv4 Echo Request - current ip = 0
  • 3.9 Disable Response to Broadcast ICMPv4 Echo Request - persistent ip = 0
  • 4.1 Create CIS Audit Class
  • 4.5 Configure Solaris Auditing - Plugin
  • 4.5 Configure Solaris Auditing - audit condition=auditing
  • 6.11 Remove Autologin Capabilities from the GNOME desktop - pam.conf
  • 6.11 Remove Autologin Capabilities from the GNOME desktop - pam.d/gdm-autologin
  • 6.12 Set Default Screen Lock for GNOME Users - timeout = 10
  • 6.12 Set Default Screen Lock for GNOME Users - lock = true
  • 6.12 Set Default Screen Lock for GNOME Users - lockTimeout = 0
  • 6.16 Set EEPROM Security Mode and Log Failed Access (SPARC) - eeprom security-#badlogins = 0
  • 6.16 Set EEPROM Security Mode and Log Failed Access (SPARC) - eeprom security-mode = command
  • 6.17 Secure the GRUB Menu (Intel) - grub.cfg password
  • 6.17 Secure the GRUB Menu (Intel) - grub.cfg timeout = 30
  • 6.17 Secure the GRUB Menu (Intel) - grub.d/01_password
  • 6.17 Secure the GRUB Menu (Intel) - grub2_defs.bios GRUB_TIMEOUT = 30
  • 6.17 Secure the GRUB Menu (Intel) - menu.conf timeout = 30
  • 6.17 Secure the GRUB Menu (Intel) - passwd.cfg
  • 6.17 Secure the GRUB Menu (Intel) - passwd.cfg - password_pbkdf2
  • 6.17 Secure the GRUB Menu (Intel) - passwd.cfg - superusers
  • 7.6 Lock Inactive User Accounts - useradd -D, 35
  • 8.3 Enable a Warning Banner for the GNOME Service
Miscellaneous
  • Variables updated.