Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.5.1.7 Set 'Windows Firewall: Domain: Outbound connections' to 'Allow (default)'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.1.5.1.11 Set 'Windows Firewall: Domain: Firewall state' to 'On (recommended)'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.1.5.2.2 Set 'Windows Firewall: Private: Outbound connections' to 'Allow (default)'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.1.5.3.8 Set 'Windows Firewall: Public: Logging: Log successful connections' to 'Yes'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.1.5.3.10 Set 'Windows Firewall: Public: Firewall state' to 'On (recommended)'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.4 Enable Firewall Stealth ModeCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.8 Protocol Access Controls - 'interface.blocked.iscsi has been configured'TNS NetApp Data ONTAP 7GNetApp

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.2 Ensure packet redirect sending is disabled 'net.ipv4.conf.all.send_redirects = 0 - sysctl'CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.2 Ensure ICMP redirects are not accepted - 'net.ipv4.conf.all.accept_redirects' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.2 Restrict Query Origins 'mynets'CIS ISC BIND 9.0/9.5 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.3 Ensure secure ICMP redirects are not accepted - 'net.ipv4.conf.all.secure_redirects' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.3 Ensure secure ICMP redirects are not accepted - 'sysctl net.ipv4.conf.all.secure_redirects'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.5 Ensure broadcast ICMP requests are ignored - /etc/sysctl.conf /etc/sysctl.d/*CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.5 Ensure broadcast ICMP requests are ignored - sysctlCIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.7 Ensure Reverse Path Filtering is enabled - 'sysctl net.ipv4.conf.all.rp_filter'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.7 Ensure Reverse Path Filtering is enabled - 'sysctl net.ipv4.conf.default.rp_filter'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.8 Ensure TCP SYN Cookies is enabled - /etc/sysctl.conf /etc/sysctl.d/*CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.8 Ensure TCP SYN Cookies is enabled (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure IPv6 router advertisements are not accepted - 'sysctl net.ipv6.conf.all.accept_ra'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure IPv6 router advertisements are not accepted - 'sysctl net.ipv6.conf.default.accept_ra'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure IPv6 router advertisements are not accepted - 'sysctl net.ipv6.conf.default.accept_ra'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.2 Ensure IPv6 redirects are not accepted - 'net.ipv6.conf.default.accept_redirects = 0 /etc/sysctl.conf /etc/sysctl.d/*'CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.1 Ensure loopback traffic is configuredCIS SUSE Linux Enterprise 12 v3.2.1 L1 ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2 Ensure IPv6 outbound and established connections are configuredCIS SUSE Linux Enterprise 12 v3.2.1 L1 ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.3 Ensure IPv6 firewall rules exist for all open portsCIS SUSE Linux Enterprise 12 v3.2.1 L1 ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.1 Ensure iptables is installedCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2 Ensure default deny firewall policy - 'Chain OUTPUT'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.1 Ensure IPv4 default deny firewall policy - FORWARDCIS Red Hat 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.1 Ensure IPv4 default deny firewall policy - INPUTCIS Red Hat 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.1 Ensure IPv4 default deny firewall policy - OUTPUTCIS Red Hat 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3 Ensure loopback traffic is configured - inputCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3 Ensure loopback traffic is configured - inputCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.1 Ensure IPv6 default deny firewall policy - OUTPUTCIS Red Hat 6 Server L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.2 Ensure IPv6 loopback traffic is configured - INPUTCIS Red Hat 6 Server L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.3 Ensure IPv6 outbound and established connections are configuredCIS Red Hat 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.4 Ensure IPv6 firewall rules exist for all open ports - iptablesCIS Red Hat 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

Enable port locking by default on the VM guest networkTNS Citrix HypervisorUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure TCP Wrappers is installed - rpmTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)MSCT Windows 10 1903 v1.19.9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)MSCT Windows Server 1903 DC v1.19.9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)MSCT Windows Server 1903 MS v1.19.9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows Server 1903 MS v1.19.9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows Server v1909 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Windows Defender Firewall: Protect all network connectionsMSCT Windows 10 v2004 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Windows Defender Firewall: Protect all network connectionsMSCT Windows 10 v21H2 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Windows Defender Firewall: Protect all network connectionsMSCT Windows Server 1903 DC v1.19.9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Windows Defender Firewall: Protect all network connectionsMSCT Windows Server v20H2 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Windows Firewall: Protect all network connectionsMSCT Windows 10 v1507 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Windows Firewall: Protect all network connectionsMSCT Windows Server 2012 R2 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

XenServer - Restrict allowed IPv6 addresses used by each VM guestTNS Citrix XenServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION