Mar 18, 2024 Functional Update- 4.1.11 Ensure use of privileged commands is collected
Miscellaneous- Metadata updated.
- References updated.
- Variables updated.
|
Oct 6, 2023 Miscellaneous- Metadata updated.
- References updated.
|
Jul 5, 2023 Functional Update- 4.1.2.3 Ensure system is disabled when audit logs are full - 'action_mail_acct = root'
- 4.1.2.3 Ensure system is disabled when audit logs are full - 'admin_space_left_action = halt'
- 4.1.2.3 Ensure system is disabled when audit logs are full - 'space_left_action = email'
|
Jun 23, 2023 Functional Update- 3.4.1 Ensure DCCP is disabled - modprobe
- 3.4.2 Ensure SCTP is disabled - modprobe
- 3.4.3 Ensure RDS is disabled - modprobe
- 3.4.4 Ensure TIPC is disabled - modprobe
- 4.1.12 Ensure successful file system mounts are collected - 64-bit
|
Apr 12, 2023 Functional Update- 4.1.8 Ensure session initiation information is collected - btmp
- 4.1.8 Ensure session initiation information is collected - wtmp
Miscellaneous- Metadata updated.
- Platform check updated.
- Variables updated.
|
Mar 7, 2023 Miscellaneous- Metadata updated.
- References updated.
|
Jan 4, 2023 Miscellaneous- Metadata updated.
- Variables updated.
|
Dec 19, 2022 Functional Update- 4.1.17 Ensure the audit configuration is immutable
|
Dec 7, 2022 Functional Update- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EACCES
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EACCES (64-bit)
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EPERM
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EPERM (64-bit)
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES (64-bit)
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM (64-bit)
- 4.1.12 Ensure successful file system mounts are collected - 32-bit
- 4.1.12 Ensure successful file system mounts are collected - 64-bit
- 4.1.12 Ensure successful file system mounts are collected - auditctl (32-bit)
- 4.1.12 Ensure successful file system mounts are collected - auditctl (64-bit)
- 4.1.13 Ensure file deletion events by users are collected - 32-bit
- 4.1.13 Ensure file deletion events by users are collected - 64-bit
- 4.1.13 Ensure file deletion events by users are collected - auditctl (32-bit)
- 4.1.13 Ensure file deletion events by users are collected - auditctl (64-bit)
- 4.1.15 Ensure system administrator command executions (sudo) are collected - b32
- 4.1.15 Ensure system administrator command executions (sudo) are collected - b32 auditctl
- 4.1.15 Ensure system administrator command executions (sudo) are collected - b64
- 4.1.15 Ensure system administrator command executions (sudo) are collected - b64 auditctl
- 4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_module/delete_module (32-bit)
- 4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_module/delete_module (64-bit)
- 4.1.16 Ensure kernel module loading and unloading is collected - init_module/delete_module (64-bit)
- 4.1.16 Ensure kernel module loading and unloading is collected - init_module/delete_module (32-bit)
- 4.1.3 Ensure events that modify date and time information are collected - adjtimex (32-bit)
- 4.1.3 Ensure events that modify date and time information are collected - adjtimex (64-bit)
- 4.1.3 Ensure events that modify date and time information are collected - auditctl adjtimex (32-bit)
- 4.1.3 Ensure events that modify date and time information are collected - auditctl adjtimex (64-bit)
- 4.1.3 Ensure events that modify date and time information are collected - auditctl clock_settime (32-bit)
- 4.1.3 Ensure events that modify date and time information are collected - auditctl clock_settime (64-bit)
- 4.1.3 Ensure events that modify date and time information are collected - clock_settime (32-bit)
- 4.1.3 Ensure events that modify date and time information are collected - clock_settime (64-bit)
- 4.1.5 Ensure events that modify the system's network environment are collected - auditctl sethostname (32-bit)
- 4.1.5 Ensure events that modify the system's network environment are collected - auditctl sethostname (64-bit)
- 4.1.5 Ensure events that modify the system's network environment are collected - sethostname (32-bit)
- 4.1.5 Ensure events that modify the system's network environment are collected - sethostname (64-bit)
- 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chmod/fchmod/fchmodat
- 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chmod/fchmod/fchmodat (64-bit)
- 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chown/fchown/fchownat/lchown
- 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chown/fchown/fchownat/lchown (64-bit)
- 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl setxattr/lsetxattr/fsetxattr/removexattr
- 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl xattr (64-bit)
- 4.1.9 Ensure discretionary access control permission modification events are collected - chmod/fchmod/fchmodat
- 4.1.9 Ensure discretionary access control permission modification events are collected - chmod/fchmod/fchmodat (64-bit)
- 4.1.9 Ensure discretionary access control permission modification events are collected - chown/fchown/fchownat/lchown
- 4.1.9 Ensure discretionary access control permission modification events are collected - chown/fchown/fchownat/lchown (64-bit)
- 4.1.9 Ensure discretionary access control permission modification events are collected - setxattr/lsetxattr/fsetxattr/removexattr
- 4.1.9 Ensure discretionary access control permission modification events are collected - xattr (64-bit)
|
Sep 16, 2022 Functional Update- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EACCES
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EACCES (64-bit)
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EPERM
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EPERM (64-bit)
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES (64-bit)
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM
- 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM (64-bit)
- 4.1.11 Ensure use of privileged commands is collected
- 4.1.12 Ensure successful file system mounts are collected - 32-bit
- 4.1.12 Ensure successful file system mounts are collected - 64-bit
- 4.1.12 Ensure successful file system mounts are collected - auditctl (32-bit)
- 4.1.12 Ensure successful file system mounts are collected - auditctl (64-bit)
- 4.1.13 Ensure file deletion events by users are collected - 32-bit
- 4.1.13 Ensure file deletion events by users are collected - 64-bit
- 4.1.13 Ensure file deletion events by users are collected - auditctl (32-bit)
- 4.1.13 Ensure file deletion events by users are collected - auditctl (64-bit)
- 4.1.15 Ensure system administrator command executions (sudo) are collected - b32
- 4.1.15 Ensure system administrator command executions (sudo) are collected - b32 auditctl
- 4.1.15 Ensure system administrator command executions (sudo) are collected - b64
- 4.1.15 Ensure system administrator command executions (sudo) are collected - b64 auditctl
- 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chmod/fchmod/fchmodat
- 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chmod/fchmod/fchmodat (64-bit)
- 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chown/fchown/fchownat/lchown
- 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chown/fchown/fchownat/lchown (64-bit)
- 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl setxattr/lsetxattr/fsetxattr/removexattr
- 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl xattr (64-bit)
- 4.1.9 Ensure discretionary access control permission modification events are collected - chmod/fchmod/fchmodat
- 4.1.9 Ensure discretionary access control permission modification events are collected - chmod/fchmod/fchmodat (64-bit)
- 4.1.9 Ensure discretionary access control permission modification events are collected - chown/fchown/fchownat/lchown
- 4.1.9 Ensure discretionary access control permission modification events are collected - chown/fchown/fchownat/lchown (64-bit)
- 4.1.9 Ensure discretionary access control permission modification events are collected - setxattr/lsetxattr/fsetxattr/removexattr
- 4.1.9 Ensure discretionary access control permission modification events are collected - xattr (64-bit)
Miscellaneous- References updated.
- Variables updated.
|
