Detections
Analytics

Item Search

NameAudit NamePluginCategory
1 - Application specific loggingTNS Best Practice Jetty 9 LinuxUnix
2 - Specify file handler in jetty-logging.properties files - org.eclipse.jetty.websocket.LEVEL=DEBUGTNS Best Practice Jetty 9 LinuxUnix

AUDIT AND ACCOUNTABILITY

2.2 Ensure that authorization is enabled for Cassandra databasesCIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0Unix

ACCESS CONTROL

3 - Configure log file size limit - org.eclipse.jetty.server.handler.RequestLogHandlerTNS Best Practice Jetty 9 LinuxUnix

AUDIT AND ACCOUNTABILITY

4 - Restrict access to $JETTY_HOME - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

6 - EncryptionTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

7 - SSL implementation - start.ini --module=deployTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

7 - SSL implementation - start.jar --module=deployTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

7.23 (L1) Virtual machines must restrict sharing of memory pages with other VMsCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT

8 - Management IP - .htacess existsTNS Best Practice Jetty 9 LinuxUnix
8 - Management IP - review $jetty_home/contexts xml fileTNS Best Practice Jetty 9 LinuxUnix
8 - Secure DatasourcesTNS Best Practice JBoss 7 LinuxUnix

CONFIGURATION MANAGEMENT

8.7 Secure the permissions of the IBMLDAPSecurity.ini fileCIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS LinuxUnix
10 - Enable SSL ConnectorTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

11 - Access Control - JAASTNS Best Practice Jetty 9 LinuxUnix
12 - Remove and mask informational headers - Server Property OverrideTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

13 - Disable stacktrace in response bodyTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND INFORMATION INTEGRITY

13 - Restrict access to temp directory - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

14 - SSL Encryption - WSDL Secure PortTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

15 - Restrict access to web application directory - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

16 - ORB Subsystem - Security-Domain SetTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

16 - Restrict access to JETTY.policy - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

17 - Restrict access to JETTY.properties - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

21 - Restrict access to users.xml - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

24 - Remove extraneous files and directories - $JETTY_BASE/webapps/balancerTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

24 - Remove extraneous files and directories - $JETTY_BASE/webapps/webdavTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

28 - Ensure scheme is set accuratelyTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

29 - Ensure secure is set to true only for SSL-enabled ConnectorsTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

31 - Starting with Security ManagerTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

32 - Disabling auto deployment of applicationsTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

33 - Disable deploy on startup of applicationsTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

37 - Configure maxHttpHeaderSizeTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

40 - Do not allow symbolic linkingTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

41 - Do not run applications as privilegedTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

42 - Do not allow cross context requestsTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

43 - Do not resolve hosts on logging valves - SERVER_XMLTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

44 - Use Lockout RealmsTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

ACLs: Filter for RFC 3330 addresses (127.0.0.0/8)TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

SYSTEM AND COMMUNICATIONS PROTECTION

ACLs: Filter for RFC 3330 addresses (169.254.0.0/16)TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

SYSTEM AND COMMUNICATIONS PROTECTION

Authentication: enable remote authenticationTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

IDENTIFICATION AND AUTHENTICATION

BGP: Authenticate peersTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

ACCESS CONTROL

DKER-EE-001960 - Privileged Linux containers must not be used for Docker Enterprise.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

CONFIGURATION MANAGEMENT

DNS: A trusted primary DNS server is configuredTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

SYSTEM AND COMMUNICATIONS PROTECTION

Login: Accounts are locked after 3 failed password attemptsTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

ACCESS CONTROL

Login: Idle connections time out after 5 minutes or lessTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

CONFIGURATION MANAGEMENT

Login: Telnet is disabled (IPv4)TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

CONFIGURATION MANAGEMENT

Login: Telnet is disabled (IPv6)TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

CONFIGURATION MANAGEMENT

Password Complexity: Require at least one numberTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

IDENTIFICATION AND AUTHENTICATION

Time: Disable Daylight Savings Time adjustmentTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

AUDIT AND ACCOUNTABILITY

Time: Set system clock to UTCTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

AUDIT AND ACCOUNTABILITY