Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.7.1.5 Ensure permissions on /etc/issue are configuredCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

1.7.1.6 Ensure permissions on /etc/issue.net are configuredCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

1.7.2 Ensure GDM login banner is configured - banner textCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

2.2.1.1 Ensure time synchronization is in useCIS Debian 9 Workstation L1 v1.0.1Unix

AUDIT AND ACCOUNTABILITY

2.2.1.2 Ensure ntp is configured - ntp serverCIS Debian 9 Workstation L1 v1.0.1Unix

AUDIT AND ACCOUNTABILITY

2.2.1.2 Ensure ntp is configured - RUNASUSERCIS Debian 9 Workstation L1 v1.0.1Unix

AUDIT AND ACCOUNTABILITY

2.2.6 Ensure LDAP server is not enabledCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

2.2.8 Ensure DNS Server is not enabledCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

2.2.13 Ensure HTTP Proxy Server is not enabledCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

2.2.16 Ensure rsync service is not enabledCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

2.2.17 Ensure NIS Server is not enabledCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

2.3.1 Ensure NIS Client is not installedCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.1.1 Ensure IP forwarding is disabled - ipv6 sysctlCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.1.2 Ensure packet redirect sending is disabled - all /etc/sysctl.conf /etc/sysctl.d/*CIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.2.1 Ensure source routed packets are not accepted - net.ipv4.conf.default.accept_source_route = 0CIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.2.2 Ensure ICMP redirects are not accepted - 'net.ipv6.conf.default.accept_redirects'CIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.2.2 Ensure ICMP redirects are not accepted - net.ipv4.conf.all.accept_redirectsCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.2.3 Ensure secure ICMP redirects are not accepted - files net.ipv4.conf.all.secure_redirects = 0CIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.2.3 Ensure secure ICMP redirects are not accepted - net.ipv4.conf.all.secure_redirects = 0CIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.2.4 Ensure suspicious packets are logged - files net.ipv4.conf.all.log_martians = 1CIS Debian 9 Workstation L1 v1.0.1Unix

AUDIT AND ACCOUNTABILITY

3.2.4 Ensure suspicious packets are logged - net.ipv4.conf.default.log_martians = 1CIS Debian 9 Workstation L1 v1.0.1Unix

AUDIT AND ACCOUNTABILITY

3.2.5 Ensure broadcast ICMP requests are ignored - files net.ipv4.icmp_echo_ignore_broadcasts = 1CIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.2.5 Ensure broadcast ICMP requests are ignored - net.ipv4.icmp_echo_ignore_broadcasts = 1CIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.2.7 Ensure Reverse Path Filtering is enabled - net.ipv4.conf.default.rp_filter = 1CIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.2.8 Ensure TCP SYN Cookies is enabled - net.ipv4.tcp_syncookies = 1CIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.2.9 Ensure IPv6 router advertisements are not accepted - net.ipv6.conf.all.accept_ra = 0CIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.3.2 Ensure /etc/hosts.allow is configuredCIS Debian 9 Workstation L1 v1.0.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1 Ensure DCCP is disabled - lsmodCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.5.1.2 Ensure loopback traffic is configured - inputCIS Debian 9 Workstation L1 v1.0.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.3 Ensure outbound and established connections are configuredCIS Debian 9 Workstation L1 v1.0.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.4 Ensure IPv6 firewall rules exist for all open portsCIS Debian 9 Workstation L1 v1.0.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

4.2.3 Ensure rsyslog or syslog-ng is installedCIS Debian 9 Workstation L1 v1.0.1Unix

AUDIT AND ACCOUNTABILITY

4.3 Ensure logrotate is configuredCIS Debian 9 Workstation L1 v1.0.1Unix

AUDIT AND ACCOUNTABILITY

5.1.7 Ensure permissions on /etc/cron.d are configuredCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

5.1.8 Ensure at/cron is restricted to authorized users - at.allowCIS Debian 9 Workstation L1 v1.0.1Unix

ACCESS CONTROL

5.1.8 Ensure at/cron is restricted to authorized users - at.denyCIS Debian 9 Workstation L1 v1.0.1Unix

ACCESS CONTROL

5.2.2 Ensure permissions on SSH private host key files are configuredCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

5.2.4 Ensure SSH Protocol is set to 2CIS Debian 9 Workstation L1 v1.0.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

5.2.5 Ensure SSH LogLevel is appropriateCIS Debian 9 Workstation L1 v1.0.1Unix

AUDIT AND ACCOUNTABILITY

5.2.11 Ensure SSH PermitEmptyPasswords is disabledCIS Debian 9 Workstation L1 v1.0.1Unix

IDENTIFICATION AND AUTHENTICATION

5.2.15 Ensure only strong Key Exchange algorithms are usedCIS Debian 9 Workstation L1 v1.0.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

5.2.16 Ensure SSH Idle Timeout Interval is configured - ClientAliveCountMaxCIS Debian 9 Workstation L1 v1.0.1Unix

ACCESS CONTROL

5.2.16 Ensure SSH Idle Timeout Interval is configured - ClientAliveIntervalCIS Debian 9 Workstation L1 v1.0.1Unix

ACCESS CONTROL

5.2.18 Ensure SSH access is limitedCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

5.4.1.5 Ensure all users last password change date is in the pastCIS Debian 9 Workstation L1 v1.0.1Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

5.4.2 Ensure system accounts are non-loginCIS Debian 9 Workstation L1 v1.0.1Unix

ACCESS CONTROL

6.1.3 Ensure permissions on /etc/shadow- are configuredCIS Debian 9 Workstation L1 v1.0.1Unix

IDENTIFICATION AND AUTHENTICATION

6.1.6 Ensure permissions on /etc/shadow are configuredCIS Debian 9 Workstation L1 v1.0.1Unix

IDENTIFICATION AND AUTHENTICATION

6.1.7 Ensure permissions on /etc/group are configuredCIS Debian 9 Workstation L1 v1.0.1Unix

IDENTIFICATION AND AUTHENTICATION

6.1.14 Audit SGID executablesCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT