Item Search

Name	Audit Name	Plugin	Category
GEN000930 - The root account's home directory must not have an extended ACL.	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL
GEN001140 - System files and directories must not have uneven access permissions - '/bin/*'	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL
GEN001180 - All network services daemon files must have mode 0755 or less permissive.	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL
GEN001290 - All manual page files must not have extended ACLs - '/usr/share/infopage'	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL
GEN001340 - NIS/NIS+/yp files must be group-owned by root, sys, or bin.	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL
GEN001364 - The /etc/resolv.conf file must have mode 0644 or less permissive.	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL
GEN001365 - The /etc/resolv.conf file must not have an extended ACL.	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL
GEN001372 - The /etc/nsswitch.conf file must be group-owned by root, bin, sys, or system.	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL
GEN001440 - All interactive users must be assigned a home directory in the /etc/passwd file.	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL
GEN001460 - All interactive user home directories defined in the /etc/passwd file must exist.	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL
GEN001475 - The /etc/group file must not contain any group password hashes.	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL
GEN002280 - Device files and directories must only be writable by users with a system account or as configured by the vendor.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN002300 - Device files used for backup must only be readable and/or writable by root or the backup user - '/dev/rmt*'	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN002320 - Audio devices must have mode 0660 or less permissive.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN002330 - Audio devices must not have extended ACLs.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN002360 - Audio devices must be group-owned by root, sys, bin, or system.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN002960 - Access to the cron utility must be controlled using the cron.allow and/or cron.deny file(s) - '/var/adm/cron/cron.allow'	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN003000 - Cron must not execute group-writable or world-writable programs.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN003060 - Default system accounts must not be in the cron.allow file or must be in cron.deny - 'invscout'	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN003060 - Default system accounts must not be in the cron.allow file or must be in cron.deny - 'lp'	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN003060 - Default system accounts must not be in the cron.allow file or must be in cron.deny - 'nuucp'	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN003060 - Default system accounts must not be in the cron.allow file or must be in cron.deny - 'uucp'	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN003110 - Cron and crontab directories must not have extended ACLs - '/var/spool/cron' - acls disabled	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN003250 - The cron.allow file must be group-owned by system, bin, sys, or cron.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN003280 - Access to the at utility must be controlled via the at.allow and/or at.deny file(s) - '/var/adm/cron/at.deny exists'	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN003300 - The at.deny file must not be empty if it exists	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'nobody'	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'sshd'	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN003340 - The at.allow file must have mode 0600 or less permissive.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN003460 - The at.allow file must be owned by root, bin, or sys.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN003520 - The kernel core dump data directory must be owned by root.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN003523 - The kernel core dump data directory must not have an extended ACL.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN003730 - The inetd.conf file, xinetd.conf file, and the xinetd.d directory must be group-owned by bin, sys, or system - 'xinetd.d'	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN004010 - The traceroute file must not have an extended ACL.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN004420 - Files executed through a mail aliases file must have mode 0755 or less permissive.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN005190 - The .Xauthority files must not have extended ACLs.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN005200 - X displays must not be exported to the world.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN005320 - The snmpd.conf file must have mode 0600 or less permissive - '/etc/snmpdv3.conf'	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN005350 - Management Information Base (MIB) files must not have extended ACLs.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN005365 - The snmpd.conf file must be group-owned by bin, sys, or system - '/etc/snmpdv3.conf'	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN005390 - The /etc/syslog.conf file must have mode 0640 or less permissive.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN005523 - The SSH private host key files must have mode 0600 or less permissive.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN005537 - The SSH daemon must use privilege separation.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN005740 - The NFS export configuration file must be owned by root.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN006100 - The /usr/lib/smb.conf file must be owned by root.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN006120 - The /usr/lib/smb.conf file must be group-owned by bin, sys, or system.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN006160 - The /var/private/smbpasswd file must be owned by root.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN006260 - The /etc/news/hosts.nntp (or equivalent) must have mode 0600 or less permissive.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN006300 - The /etc/news/nnrp.access (or equivalent) must have mode 0600 or less permissive.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL
GEN006360 - The files in /etc/news must be group-owned by system or news.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL

Detections

Analytics

Item Search