Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.3 Ensure systemd Service Files Are EnabledCIS PostgreSQL 17 v1.0.0 L1 PostgreSQLUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

Audit system file permissions - rpmTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND INFORMATION INTEGRITY

Ensure all groups in /etc/passwd exist in /etc/groupTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure all users last password change date is in the pastTenable Cisco Firepower Management Center OS Best Practices AuditUnix

IDENTIFICATION AND AUTHENTICATION

Ensure at/cron is restricted to authorized users - at.allowTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure audit logs are not automatically deletedTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure Avahi Server is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure changes to system administration scope (sudoers) is collected - auditctl /etc/sudoersTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure chrony is configured - NTP serverTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure default deny firewall policy - Chain OUTPUTTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure default group for the root account is GID 0Tenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure default user shell timeout is 900 seconds or less - /etc/profileTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure discretionary access control permission modification events are collected - b32 chown fchownTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure DNS Server is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure echo services are not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure events that modify date and time information are collected - audit.rules b64 clock_settimeTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure events that modify date and time information are collected - auditctl b64 adjtimexTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure events that modify the system's network environment are collected - auditctl /etc/hostsTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure events that modify user/group information are collected - /etc/gshadowTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure events that modify user/group information are collected - /etc/shadowTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure FTP Server is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure GDM login banner is configured - banner-message-textTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure GDM login banner is configured - file-dbTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure IPv6 redirects are not accepted - /etc/sysctl ipv6 all acceptTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure IPv6 redirects are not accepted - /etc/sysctl ipv6 default acceptTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure IPv6 router advertisements are not accepted - /etc/sysctl ipv6 all acceptTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure kernel module loading and unloading is collected - insmodTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure LDAP client is not installed - zypperTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure login and logout events are collected - faillogTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure loopback traffic is configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure mounting of hfs filesystems is disabled - modprobeTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure NIS Client is not installed - rpmTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure no duplicate GIDs existTenable Cisco Firepower Management Center OS Best Practices AuditUnix

IDENTIFICATION AND AUTHENTICATION

Ensure no users have .rhosts filesTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure nodev option set on /tmp partitionTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure nodev option set on removable media partitionsTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure ntp is configured - serverTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure packet redirect sending is disabled - sysctl ipv4 all sendTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure password creation requirements are configured - /etc/pam.d/* dcreditTenable Cisco Firepower Management Center OS Best Practices AuditUnix

IDENTIFICATION AND AUTHENTICATION

Ensure password creation requirements are configured - /etc/pam.d/* minlenTenable Cisco Firepower Management Center OS Best Practices AuditUnix

IDENTIFICATION AND AUTHENTICATION

Ensure password creation requirements are configured - pwquality.conf lcreditTenable Cisco Firepower Management Center OS Best Practices AuditUnix

IDENTIFICATION AND AUTHENTICATION

Ensure Reverse Path Filtering is enabled - /etc/sysctl ipv4 default rp_filterTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure Reverse Path Filtering is enabled - sysctl ipv4 all rp_filterTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure Reverse Path Filtering is enabled - sysctl ipv4 default rp_filterTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure SNMP Server is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure SSH Idle Timeout Interval is configured - ClientAliveIntervalTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure SSH MaxAuthTries is set to 4 or lessTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure TCP Wrappers is installed - zypperTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

PPS9-00-005700 - The EDB Postgres Advanced Server must protect the confidentiality and integrity of all information at rest.EDB PostgreSQL Advanced Server OS Linux Audit v2r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION