Detections
Analytics

Revision 1.31

Sep 19, 2023
Functional Update
  • GEN001160 - All files and directories must have a valid owner.
  • GEN001170 - All files and directories must have a valid group owner.
  • GEN001890 - Local initialization files must not have extended ACLs - '.bash_logout'
  • GEN001890 - Local initialization files must not have extended ACLs - '.bash_profile'
  • GEN001890 - Local initialization files must not have extended ACLs - '.bashrc'
  • GEN001890 - Local initialization files must not have extended ACLs - '.cshrc'
  • GEN001890 - Local initialization files must not have extended ACLs - '.dispatch'
  • GEN001890 - Local initialization files must not have extended ACLs - '.dtprofile'
  • GEN001890 - Local initialization files must not have extended ACLs - '.emacs'
  • GEN001890 - Local initialization files must not have extended ACLs - '.env'
  • GEN001890 - Local initialization files must not have extended ACLs - '.exrc'
  • GEN001890 - Local initialization files must not have extended ACLs - '.login'
  • GEN001890 - Local initialization files must not have extended ACLs - '.logout'
  • GEN001890 - Local initialization files must not have extended ACLs - '.profile'
  • GEN002000 - There must be no .netrc files on the system.
  • GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - '.rhosts'
  • GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - '.shosts'
  • GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - 'hosts.equiv'
  • GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - 'shosts.equiv'
  • GEN002300 - Device files used for backup must only be readable and/or writable by root or the backup user - '/dev/cd*'
  • GEN002300 - Device files used for backup must only be readable and/or writable by root or the backup user - '/dev/rmt*'
  • GEN002330 - Audio devices must not have extended ACLs.
  • GEN002380 - The owner, group, mode, ACL, and location of files with the setuid bit set must be documented using site-defined procedures
  • GEN002440 - The owner, group, mode, ACL, and location of files with the setgid bit set must be documented using site-defined procedures
  • GEN002480 - Public directories must be the only world-writable directories and world-writable files must be located only in public dirs
  • GEN002500 - The sticky bit must be set on all public directories.
  • GEN002520 - All public directories must be owned by root or an application account.
  • GEN002540 - All public directories must be group-owned by system or an application group.
  • GEN003865 - Network analysis tools must not be installed - 'ethereal'
  • GEN003865 - Network analysis tools must not be installed - 'netcat'
  • GEN003865 - Network analysis tools must not be installed - 'snoop'
  • GEN003865 - Network analysis tools must not be installed - 'tcpdump'
  • GEN003865 - Network analysis tools must not be installed - 'tshark'
  • GEN003865 - Network analysis tools must not be installed - 'wireshark'
  • GEN004580 - The system must not use .forward files.
  • GEN005190 - The .Xauthority files must not have extended ACLs.
  • GEN005340 - Management Information Base (MIB) files must have mode 0640 or less permissive.
  • GEN005350 - Management Information Base (MIB) files must not have extended ACLs.
Miscellaneous
  • References updated.
  • Variables updated.