Item Search

Name	Audit Name	Plugin	Category
1.1.5.1.5 Set 'Windows Firewall: Domain: Apply local connection security rules' to 'Yes (default)'	CIS Windows 8 L1 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
1.1.5.1.8 Set 'Windows Firewall: Domain: Logging: Log dropped packets' to 'Yes'	CIS Windows 8 L1 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
1.1.5.1.9 Set 'Windows Firewall: Domain: Logging: Log successful connections' to 'Yes'	CIS Windows 8 L1 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
1.1.5.3.3 Set 'Windows Firewall: Public: Apply local connection security rules' to 'No'	CIS Windows 8 L1 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
2.5 Ensure firewall filters contain explicit deny and log term	CIS Juniper OS Benchmark v2.1.0 L2	Juniper	SYSTEM AND COMMUNICATIONS PROTECTION
2.6 Ensure firewall filters contain explicit deny and log term	CIS Juniper OS Benchmark v2.1.0 L2	Juniper	SYSTEM AND COMMUNICATIONS PROTECTION
3.1 Ignore Erroneous or Unwanted Queries - RFC 1918 172.16/12; addresses	CIS BIND DNS v3.0.1 Authoritative Name Server	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.1 Ensure source routed packets are not accepted - 'net.ipv4.conf.all.accept_source_route' (sysctl.conf/sysctl.d)	CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.1 Ensure source routed packets are not accepted - 'net.ipv4.conf.default.accept_source_route' (sysctl.conf/sysctl.d)	CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.1 Ensure source routed packets are not accepted - 'sysctl net.ipv4.conf.all.accept_source_route'	CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.2 Ensure ICMP redirects are not accepted - 'net.ipv4.conf.all.accept_redirects' (sysctl.conf/sysctl.d)	CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.2 Ensure ICMP redirects are not accepted - 'net.ipv4.conf.default.accept_redirects = 0 /etc/sysctl.conf sysctl.d/*'	CIS Amazon Linux v2.1.0 L1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.2 Ensure ICMP redirects are not accepted - 'net.ipv4.conf.default.accept_redirects' (sysctl.conf/sysctl.d)	CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.2 Ensure ICMP redirects are not accepted - 'sysctl net.ipv4.conf.all.accept_redirects'	CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.2 Ensure ICMP redirects are not accepted - 'sysctl net.ipv4.conf.default.accept_redirects'	CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.3 Ensure secure ICMP redirects are not accepted - 'net.ipv4.conf.all.secure_redirects = 0 /etc/sysctl.conf /etc/sysctl.d/*'	CIS Amazon Linux v2.1.0 L1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.3 Ensure secure ICMP redirects are not accepted - 'sysctl net.ipv4.conf.default.secure_redirects'	CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.5 Ensure broadcast ICMP requests are ignored (sysctl exec)	CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.6 Ensure bogus ICMP responses are ignored - sysctl	CIS Amazon Linux v2.1.0 L1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.7 Ensure Reverse Path Filtering is enabled - 'net.ipv4.conf.all.rp_filter' (sysctl.conf/sysctl.d)	CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.7 Ensure Reverse Path Filtering is enabled - 'net.ipv4.conf.default.rp_filter = 1 sysctl'	CIS Amazon Linux v2.1.0 L1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.8 Ensure TCP SYN Cookies is enabled - sysctl	CIS Amazon Linux v2.1.0 L1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.3.1 Ensure IPv6 router advertisements are not accepted - 'sysctl net.ipv6.conf.all.accept_ra'	CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.3.1 Ensure IPv6 router advertisements are not accepted - 'sysctl net.ipv6.conf.default.accept_ra = 0'	CIS Amazon Linux v2.1.0 L1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.3.2 Ensure IPv6 redirects are not accepted - 'net.ipv6.conf.all.accept_redirects = 0 /etc/sysctl.conf /etc/sysctl.d/*'	CIS Amazon Linux v2.1.0 L1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.3.2 Ensure IPv6 redirects are not accepted - 'net.ipv6.conf.all.accept_redirects' (sysctl.conf/sysctl.d)	CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.3.2 Ensure IPv6 redirects are not accepted - 'sysctl net.ipv6.conf.default.accept_redirects'	CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.4.1 Ensure TCP Wrappers is installed	CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.1.1 Ensure default deny firewall policy - Chain INPUT	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.1.3 Ensure outbound and established connections are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.2.1 Ensure IPv6 default deny firewall policy - Chain FORWARD	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.2.1 Ensure loopback traffic is configured	CIS SUSE Linux Enterprise 12 v3.2.1 L1 Workstation	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.2.4 Ensure IPv6 firewall rules exist for all open ports	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.3.1 Ensure IPv6 loopback traffic is configured	CIS SUSE Linux Enterprise 12 v3.2.1 L1 Workstation	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.3.4 Ensure IPv6 default deny firewall policy	CIS SUSE Linux Enterprise 12 v3.2.1 L1 Workstation	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.6.1 Ensure iptables is installed	CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.6.2 Ensure default deny firewall policy - 'Chain INPUT'	CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.6.2 Ensure default deny firewall policy - 'Chain INPUT'	CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.6.2.1 Ensure IPv4 default deny firewall policy - FORWARD	CIS CentOS 6 Workstation L1 v3.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.6.2.1 Ensure IPv4 default deny firewall policy - INPUT	CIS CentOS 6 Workstation L1 v3.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.6.3 Ensure loopback traffic is configured - OUTPUT	CIS Amazon Linux v2.1.0 L1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.6.3 Ensure loopback traffic is configured - output	CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.6.3 Ensure loopback traffic is configured - output	CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.6.3.1 Ensure IPv6 default deny firewall policy - INPUT	CIS CentOS 6 Server L1 v3.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.6.3.2 Ensure IPv6 loopback traffic is configured - OUTPUT	CIS CentOS 6 Workstation L1 v3.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.6.5 Ensure firewall rules exist for all open ports	CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.6.5 Ensure firewall rules exist for all open ports	CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)	MSCT Windows Server 2019 DC v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)	MSCT Windows Server 2019 MS v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes	MSCT Windows Server 2019 DC v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search