Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.3.1 Ensure AIDE is installedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

1.3.2 Ensure filesystem integrity is regularly checked - aideCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

1.3.2 Ensure filesystem integrity is regularly checked - mailCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

1.3.4 Ensure AIDE is configured to verify XATTRS - installedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

1.4.1 Ensure bootloader password is set - password efi grubCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

1.4.3 Ensure authentication required for single user modeCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

1.5.3 Ensure address space layout randomization (ASLR) is enabled - sysctlCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

1.5.6 Ensure the Ctrl-Alt-Delete key sequence is disabled - targetCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

1.6.1.9 Ensure non-privileged users are prevented from executing privileged functionsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

1.7.8 Ensure the Standard Mandatory DoD Notice and Consent Banner are configured - sshd_configCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

1.8.10 Ensure screensaver lock-enabled is setCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

1.8.18 Ensure graphical user interface automounter is disabled - automount=falseCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

1.8.18 Ensure graphical user interface automounter is disabled - autorun-neverCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

2.3.4 Ensure telnet client is not installedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

3.2.1 Ensure IP forwarding is disabled - sysctlCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

3.2.2 Ensure packet redirect sending is disabled - sysctl defaultCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

3.3.1 Ensure source routed packets are not accepted - sysctl default ipv4CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

3.3.2 Ensure ICMP redirects are not accepted - config allCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

3.3.3 Ensure network interfaces are not in promiscuous modeCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

3.3.6 Ensure broadcast ICMP requests are ignored - configCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

3.4.1 Ensure DCCP is disabled - blacklist dccpCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

3.5.1.4 Ensure firewalld service enabled and running - installedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

4.1.2.8 Ensure audit logs are stored on a different system.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.11 Ensure off-load of audit logs - typeCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - ftruncate EACCES 32 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - ftruncate EPERM 32 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - openat EACCES 32 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - openat EPERM 32 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - truncate EACCES 32 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.12 Ensure discretionary access control permission modification events are collected - chmod 64 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.12 Ensure discretionary access control permission modification events are collected - chown 64 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.12 Ensure discretionary access control permission modification events are collected - fchmod 64 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.12 Ensure discretionary access control permission modification events are collected - fchmodat 64 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.12 Ensure discretionary access control permission modification events are collected - lchown 64 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.12 Ensure discretionary access control permission modification events are collected - lsetxattr 32 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.14 Ensure events that modify user/group information are collected - gshadowCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.3.14 Ensure events that modify user/group information are collected - shadowCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.3.27 Ensure audit of unlink syscall - 64 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.28 Ensure audit unlinkat syscall - 64 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.31 Ensure audit of the create_module syscall - 64 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.32 Ensure auditing of all privileged functions - setuid 64 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

4.1.3.37 Ensure audit of the mount command and syscall - 32 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.37 Ensure audit of the mount command and syscall - 64 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.39 Ensure audit of setfiles commandCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.2.1.5 Ensure rsyslog is configured to send logs to a remote log hostCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

4.2.1.6 Ensure remote rsyslog messages are only accepted on designated log hosts.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

5.2.6 Ensure the sudoers file restricts sudo access to authorized personnel - sudoersCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

5.2.8 Ensure users password required for privilege escalation when using sudo - rootpwCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

5.3.16 Ensure only FIPS 140-2 ciphers are used for SSHCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

5.3.17 Ensure only strong MAC algorithms are used - MACs employing FIPS 140-2 approved cryptographic hash algorithms.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL