Item Search

NameAudit NamePluginCategory
GEN000244 - The system must use time sources local to the enclave.DISA STIG AIX 6.1 v1r14Unix

AUDIT AND ACCOUNTABILITY

GEN000850 - The system must restrict the ability to switch to the root user to members of a defined group.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN000900 - The root user's home directory must not be the root directory (/).DISA STIG AIX 6.1 v1r14Unix

CONFIGURATION MANAGEMENT

GEN001290 - All manual page files must not have extended ACLs - '/usr/share/infopage'DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

ACCESS CONTROL

GEN001290 - All manual page files must not have extended ACLs - '/usr/share/infopage/*'DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN001440 - All interactive users must be assigned a home directory in the /etc/passwd file.DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

ACCESS CONTROL

GEN001460 - All interactive user home directories defined in the /etc/passwd file must exist.DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

ACCESS CONTROL

GEN001490 - User home directories must not have extended ACLs.DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

ACCESS CONTROL

GEN001540 - All files and directories contained in interactive user's home directories must be owned by the home directory's owner.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN001780 - Global initialization files must contain the 'mesg -n' or 'mesg n' commands - '/etc/profile'DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

CONFIGURATION MANAGEMENT

GEN002260 - The system must be checked for extraneous device files at least weekly.DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

CONFIGURATION MANAGEMENT

GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/auditcat'DISA STIG AIX 6.1 v1r14Unix

AUDIT AND ACCOUNTABILITY

GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/auditstream'DISA STIG AIX 6.1 v1r14Unix

AUDIT AND ACCOUNTABILITY

GEN002716 - System audit tool executables must be group-owned by root, bin, sys, or system - '/sbin/aureport'DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

AUDIT AND ACCOUNTABILITY

GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/sbin/audispd'DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

AUDIT AND ACCOUNTABILITY

GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/sbin/auditctl'DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

AUDIT AND ACCOUNTABILITY

GEN002718 - System audit tool executables must not have extended ACLs - '/sbin/audispd'DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

AUDIT AND ACCOUNTABILITY

GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/auditpr'DISA STIG AIX 6.1 v1r14Unix

AUDIT AND ACCOUNTABILITY

GEN002750 - The audit system must be configured to audit account creation - 'gshadow'DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

ACCESS CONTROL

GEN002750 - The audit system must be configured to audit account creation - 'shadow'DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

ACCESS CONTROL

GEN002750 - The audit system must be configured to audit account creation - 'useradd'DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

ACCESS CONTROL

GEN002751 - The audit system must be configured to audit account modification - 'passwd'DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

ACCESS CONTROL

GEN002751 - The audit system must be configured to audit account modification - 'usermod'DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

ACCESS CONTROL

GEN002752 - The audit system must be configured to audit account disabling - '/etc/security/audit/config USER_Change exists'DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN002752 - The audit system must be configured to audit account disabling - 'User audit class assignments should be reviewed'DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN002752 - The audit system must be configured to audit account disabling.DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

ACCESS CONTROL

GEN002753 - The audit system must be configured to audit account termination - 'groupdel'DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

ACCESS CONTROL

GEN002870 - The system must be configured to send audit records to a remote audit server - '/boot/grub/grub.conf audit=1'DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

AUDIT AND ACCOUNTABILITY

GEN002870 - The system must be configured to send audit records to a remote audit server - '/etc/rsyslog.conf contains *.* @<server>'DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

AUDIT AND ACCOUNTABILITY

GEN002870 - The system must be configured to send audit records to a remote audit server - '/etc/syslog.conf contains *.* @<server>'DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

AUDIT AND ACCOUNTABILITY

GEN003220 - Cron programs must not set the umask to a value less restrictive than 077 - '/etc/cron.monthly/*'DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

ACCESS CONTROL

GEN003520 - The kernel core dump data directory must be owned by root.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN003523 - The kernel core dump data directory must not have an extended ACL.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN003620 - A separate file system must be used for user home directories (such as /home or equivalent).DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

GEN003624 - The system must use a separate file system for /tmp (or equivalent).DISA STIG AIX 6.1 v1r14Unix

SYSTEM AND COMMUNICATIONS PROTECTION

GEN003650 - All local file systems must employ journaling or another mechanism ensuring file system consistency.DISA STIG AIX 6.1 v1r14Unix

CONTINGENCY PLANNING

GEN003650 - All local file systems must employ journaling or another mechanism that ensures file system consistency.DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

CONTINGENCY PLANNING

GEN003800 - Inetd or xinetd logging/tracing must be enabled.DISA STIG AIX 6.1 v1r14Unix

AUDIT AND ACCOUNTABILITY

GEN004680 - The SMTP service must not have the VRFY feature active.DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

CONFIGURATION MANAGEMENT

GEN004980 - The FTP daemon must be configured for logging or verbose mode.DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

AUDIT AND ACCOUNTABILITY

GEN006660 - Accounts must be locked upon 35 days of inactivity.DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

ACCESS CONTROL

GEN008460 - The system must have USB disabled unless needed - 'lslpp'DISA STIG AIX 6.1 v1r14Unix

CONFIGURATION MANAGEMENT

GEN008480 - The system must have USB Mass Storage disabled unless needed.DISA STIG AIX 6.1 v1r14Unix

CONFIGURATION MANAGEMENT

GEN008480 - The system must have USB Mass Storage disabled unless needed.DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

CONFIGURATION MANAGEMENT

GEN008800 - The package management tool must cryptographically verify the authenticity of packages during installation - '/etc/yum.conf'DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

CONFIGURATION MANAGEMENT

GEN008820 - The system package management tool must not automatically obtain updates.DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

SYSTEM AND INFORMATION INTEGRITY

JUEX-RT-000610 - The Juniper router must be configured to have IP directed broadcast disabled on all interfaces.DISA Juniper EX Series Router v2r1Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

SPLK-CL-000140 - Splunk Enterprise must allow only the individuals appointed by the information system security manager (ISSM) to have full admin rights to the system - ISSM to have full admin rights to the system.DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG REST APISplunk

AUDIT AND ACCOUNTABILITY

SPLK-CL-000380 - Splunk Enterprise must be configured to enforce password complexity by requiring that at least one special character be used.DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG OSUnix

IDENTIFICATION AND AUTHENTICATION

SPLK-CL-000410 - Splunk Enterprise must be configured to prohibit password reuse for a minimum of five generations.DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG OSUnix

IDENTIFICATION AND AUTHENTICATION