CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0

Audit Details

Name: CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0

Updated: 3/7/2023

Authority: CIS

Plugin: Unix

Revision: 1.9

Estimated Item Count: 127

File Details

Filename: CIS_Ubuntu_18.04_LXD_Host_v1.0.0_L2_Server.audit

Size: 392 kB

MD5: 92f21fbe674129a7d11f1571e4ef530b
SHA256: 0241ebcdb8bd0984775ae0672bbbaf81ab5ed5f7e6835b5612ecdeda2bceec5b

Audit Changelog

 
Revision 1.9

Mar 7, 2023

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.8

Jan 4, 2023

Miscellaneous
  • Metadata updated.
  • Variables updated.
Revision 1.7

Dec 7, 2022

Miscellaneous
  • Metadata updated.
Revision 1.6

Sep 30, 2022

Functional Update
  • 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EACCES
  • 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EACCES (64-bit)
  • 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EPERM
  • 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EPERM (64-bit)
  • 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES
  • 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES (64-bit)
  • 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM
  • 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM (64-bit)
  • 4.1.12 Ensure successful file system mounts are collected - 32-bit
  • 4.1.12 Ensure successful file system mounts are collected - 64-bit
  • 4.1.12 Ensure successful file system mounts are collected - auditctl (32-bit)
  • 4.1.12 Ensure successful file system mounts are collected - auditctl (64-bit)
  • 4.1.13 Ensure file deletion events by users are collected - 32-bit
  • 4.1.13 Ensure file deletion events by users are collected - 64-bit
  • 4.1.13 Ensure file deletion events by users are collected - auditctl (32-bit)
  • 4.1.13 Ensure file deletion events by users are collected - auditctl (64-bit)
  • 4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_module/delete_module (32-bit)
  • 4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_module/delete_module (64-bit)
  • 4.1.16 Ensure kernel module loading and unloading is collected - init_module/delete_module (64-bit)
  • 4.1.16 Ensure kernel module loading and unloading is collected - init_module/delete_module (32-bit)
  • 4.1.3 Ensure events that modify date and time information are collected - adjtimex (32-bit)
  • 4.1.3 Ensure events that modify date and time information are collected - adjtimex (64-bit)
  • 4.1.3 Ensure events that modify date and time information are collected - auditctl adjtimex (32-bit)
  • 4.1.3 Ensure events that modify date and time information are collected - auditctl adjtimex (64-bit)
  • 4.1.3 Ensure events that modify date and time information are collected - auditctl clock_settime (32-bit)
  • 4.1.3 Ensure events that modify date and time information are collected - auditctl clock_settime (64-bit)
  • 4.1.3 Ensure events that modify date and time information are collected - clock_settime (32-bit)
  • 4.1.3 Ensure events that modify date and time information are collected - clock_settime (64-bit)
  • 4.1.5 Ensure events that modify the system's network environment are collected - auditctl sethostname (32-bit)
  • 4.1.5 Ensure events that modify the system's network environment are collected - auditctl sethostname (64-bit)
  • 4.1.5 Ensure events that modify the system's network environment are collected - sethostname (32-bit)
  • 4.1.5 Ensure events that modify the system's network environment are collected - sethostname (64-bit)
  • 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chmod/fchmod/fchmodat
  • 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chmod/fchmod/fchmodat (64-bit)
  • 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chown/fchown/fchownat/lchown
  • 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chown/fchown/fchownat/lchown (64-bit)
  • 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl setxattr/lsetxattr/fsetxattr/removexattr
  • 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl xattr (64-bit)
  • 4.1.9 Ensure discretionary access control permission modification events are collected - chmod/fchmod/fchmodat
  • 4.1.9 Ensure discretionary access control permission modification events are collected - chmod/fchmod/fchmodat (64-bit)
  • 4.1.9 Ensure discretionary access control permission modification events are collected - chown/fchown/fchownat/lchown
  • 4.1.9 Ensure discretionary access control permission modification events are collected - chown/fchown/fchownat/lchown (64-bit)
  • 4.1.9 Ensure discretionary access control permission modification events are collected - setxattr/lsetxattr/fsetxattr/removexattr
  • 4.1.9 Ensure discretionary access control permission modification events are collected - xattr (64-bit)
Revision 1.5

Sep 16, 2022

Functional Update
  • 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EACCES
  • 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EACCES (64-bit)
  • 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EPERM
  • 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EPERM (64-bit)
  • 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES
  • 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES (64-bit)
  • 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM
  • 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM (64-bit)
  • 4.1.11 Ensure use of privileged commands is collected
  • 4.1.12 Ensure successful file system mounts are collected - 32-bit
  • 4.1.12 Ensure successful file system mounts are collected - 64-bit
  • 4.1.12 Ensure successful file system mounts are collected - auditctl (32-bit)
  • 4.1.12 Ensure successful file system mounts are collected - auditctl (64-bit)
  • 4.1.13 Ensure file deletion events by users are collected - 32-bit
  • 4.1.13 Ensure file deletion events by users are collected - 64-bit
  • 4.1.13 Ensure file deletion events by users are collected - auditctl (32-bit)
  • 4.1.13 Ensure file deletion events by users are collected - auditctl (64-bit)
  • 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chmod/fchmod/fchmodat
  • 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chmod/fchmod/fchmodat (64-bit)
  • 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chown/fchown/fchownat/lchown
  • 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chown/fchown/fchownat/lchown (64-bit)
  • 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl setxattr/lsetxattr/fsetxattr/removexattr
  • 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl xattr (64-bit)
  • 4.1.9 Ensure discretionary access control permission modification events are collected - chmod/fchmod/fchmodat
  • 4.1.9 Ensure discretionary access control permission modification events are collected - chmod/fchmod/fchmodat (64-bit)
  • 4.1.9 Ensure discretionary access control permission modification events are collected - chown/fchown/fchownat/lchown
  • 4.1.9 Ensure discretionary access control permission modification events are collected - chown/fchown/fchownat/lchown (64-bit)
  • 4.1.9 Ensure discretionary access control permission modification events are collected - setxattr/lsetxattr/fsetxattr/removexattr
  • 4.1.9 Ensure discretionary access control permission modification events are collected - xattr (64-bit)
Miscellaneous
  • Variables updated.
Revision 1.4

Jul 27, 2022

Functional Update
  • 4.1.11 Ensure use of privileged commands is collected
  • 5.2.6 Ensure SSH X11 forwarding is disabled
Miscellaneous
  • Platform check updated.
Revision 1.3

Apr 25, 2022

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.2

Mar 29, 2022

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.1

Jun 17, 2021

Miscellaneous
  • Metadata updated.
  • References updated.