Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.3 Ensure mounting of udf filesystems is disabledCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.4 Ensure nodev option set on /tmp partitionCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.7 Ensure noexec option set on /dev/shm partitionCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION

1.1.18 Ensure /home partition includes the nodev optionCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION

1.1.27 Disable AutomountingCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

MEDIA PROTECTION

1.2.2 Ensure package manager repositories are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.3 Ensure gpgcheck is globally activatedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.5.1 Ensure core dumps are restrictedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.5.2 Ensure XD/NX support is enabledCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SYSTEM AND INFORMATION INTEGRITY

1.7.1 Ensure message of the day is configured properlyCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.7.5 Ensure permissions on /etc/motd are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

1.7.7 Ensure permissions on /etc/issue.net are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

2.2.2 Ensure X11 Server components are not installedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.2.5 Ensure DHCP Server is not installedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.2.6 Ensure LDAP server is not installedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.2.11 Ensure Samba is not installedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.2.19 Ensure rsync is not installed or the rsyncd service is maskedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.2.2 Ensure packet redirect sending is disabledCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.5.1.1 Ensure firewalld is installedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.2 Ensure iptables-services not installed with firewalldCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.3 Ensure nftables either not installed or masked with firewalldCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.4 Ensure firewalld service enabled and runningCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.2 Ensure firewalld is either not installed or masked with nftablesCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.5 Ensure an nftables table existsCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.6 Ensure nftables base chains existCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.7 Ensure nftables loopback traffic is configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.8 Ensure nftables outbound and established connections are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.11 Ensure nftables rules are permanentCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.1.3 Ensure firewalld is either not installed or masked with iptablesCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2.3 Ensure iptables rules exist for all open portsCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2.4 Ensure iptables default deny firewall policyCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.3.3 Ensure ip6tables firewall rules exist for all open portsCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.3.6 Ensure ip6tables is enabled and runningCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.1.3 Ensure rsyslog default file permissions configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.2.1.5 Ensure rsyslog is configured to send logs to a remote log hostCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

4.2.2.1 Ensure journald is configured to send logs to rsyslogCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.5 Ensure permissions on /etc/cron.weekly are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.3.5 Ensure permissions on SSH public host key files are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.3.13 Ensure SSH PermitEmptyPasswords is disabledCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.14 Ensure SSH PermitUserEnvironment is disabledCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.15 Ensure only strong Ciphers are usedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.21 Ensure SSH warning banner is configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.5.1.2 Ensure minimum days between password changes is configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.5.1.4 Ensure inactive password lock is 30 days or lessCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.1.13 Audit SUID executablesCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.6 Ensure no duplicate group names existCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.13 Ensure users' home directories permissions are 750 or more restrictiveCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

AS24-W2-000500 - The Apache web server must generate unique session identifiers that cannot be reliably reproduced.DISA STIG Apache Server 2.4 Windows Site v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-ND-001210 - The Cisco router must be configured to implement cryptographic mechanisms to protect the confidentiality of remote maintenance sessions.DISA Cisco IOS XR Router NDM STIG v3r3Cisco

MAINTENANCE

OH12-1X-000232 - A public OHS server must use TLS if authentication is required to host web sites - SSLWalletDISA STIG Oracle HTTP Server 12.1.3 v2r3Unix

CONFIGURATION MANAGEMENT