Detections
Analytics

Item Search

NameAudit NamePluginCategory
GEN001580 - All run control scripts must have mode 0755 or less permissive - /lib/svc/method/*DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN001605 - Run control scripts lists of preloaded libraries must contain only authorized paths - /etc/init.d/*DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN001660 - All system start-up files must be owned by root - /etc/rc*DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN001720 - All global initialization files must have mode 0644 or less permissive - /etc/bashrcDISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN001720 - All global initialization files must have mode 0644 or less permissive - /etc/csh.cshrcDISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN001720 - All global initialization files must have mode 0644 or less permissive - /etc/csh.loginDISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN001740 - All global initialization files must be owned by root - /etc/csh.loginDISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN001740 - All global initialization files must be owned by root - /etc/environmentDISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN001810 - Skeleton files must not have extended ACLs.DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN001820 - All skeleton files and directories (typically in /etc/skel) must be owned by root - /etc/skel/*DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN001830 - All skeleton files (typically in /etc/skel) must be group-owned by root, bin, or sys.DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN001845 - Global initialization files library search paths must contain only authorized paths - /etc/environmentDISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN001850 - Global initialization files lists of preloaded libraries must contain only authorized paths - /etc/.loginDISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN001880 - All local initialization files must have mode 0740 or less permissive - .cshrcDISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN001880 - All local initialization files must have mode 0740 or less permissive - .dtprofileDISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN001901 - Local initialization files library search paths must contain only authorized paths.DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN001902 - Local initialization files lists of preloaded libraries must contain only authorized paths.DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN001980 - The .rhosts, .shosts, hosts.equiv, shosts.equiv, /etc/passwd, /etc/shadow, and/or /etc/group files must not contain a plus (+) without defining entries for NIS+ netgroups - /etc/passwdDISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN001980 - The .rhosts, .shosts, hosts.equiv, shosts.equiv, /etc/passwd, /etc/shadow, and/or /etc/group files must not contain a plus (+) without defining entries for NIS+ netgroups - ~/.rhostsDISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN002060 - All .rhosts, .shosts, .netrc, or hosts.equiv files must be accessible by only root or the owner - .netrc permsDISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN002100 - The .rhosts file must not be supported in PAM.DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN002220 - All shell files must have mode 0755 or less permissive.DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN002340 - Audio devices must be owned by root - /dev/audio*DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN002380 - The owner, group owner, mode, ACL, and location of files with the setuid bit set must be documented using site-defined procedures.DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN002480 - Public directories must be the only world-writable directories and world-writable files must be located only in public directories - directoriesDISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN002540 - All public directories must be group-owned by root or an application group.DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN002560 - The system and user default umask must be 077 - /etcDISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN002560 - The system and user default umask must be 077 - /etc/skelDISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN003080 - Crontab files must have mode 0600 or less permissive.DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN003090 - Crontab files must not have extended ACLs.DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN003240 - The cron.allow file must be owned by root, bin, or sys.DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN003270 - The cron.deny file must be group-owned by root, bin, or sys.DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN003430 - The 'at' directory must be group-owned by root, bin, or sys - at directory must be group-owned by root, bin, or sys.DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN003500 - Process core dumps must be disabled unless needed - sys:coredumpsizeDISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN003505 - The centralized process core dump data directory must not have an extended ACL.DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN003510 - Kernel core dumps must be disabled unless needed.DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN003580 - The system must use initial TCP sequence numbers most resistant to sequence number guessing attacks.DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN003600 - The system must not forward IPv4 source-routed packets - dladm show-linkDISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN003601 - TCP backlog queue sizes must be set appropriately - tcp_conn_req_max_q0DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN003602 - The system must not process ICMP timestamp requests.DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN003604 - The system must not respond to ICMP timestamp requests sent to a broadcast address - ip_respond_to_echo_broadcastDISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN003605 - The system must not apply reversed source routing to TCP responses - dladm show-linkDISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN003606 - The system must prevent local applications from generating source-routed packets - ssrrDISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN003623 - The system must use a separate file system for the system audit data path - /etc/vfstabDISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN003730 - The inetd.conf file must be group-owned by root, bin, or sys.DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN003810 - The portmap or rpcbind service must not be running unless needed.DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN003930 - The hosts.lpd (or equivalent) file must be group-owned by root, bin, or sys - /etc/apache/httpd-standalone-ipp.confDISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN003930 - The hosts.lpd (or equivalent) file must be group-owned by root, bin, or sys - SMB_CONFDISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN003960 - The traceroute command owner must be root.DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT

GEN004390 - The alias file must not have an extended ACL.DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT