Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.5.1.5 Set 'Windows Firewall: Domain: Apply local connection security rules' to 'Yes (default)'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.4 Enable Firewall Stealth ModeCIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.8 Protocol Access Controls - 'httpd.access has been configured'TNS NetApp Data ONTAP 7GNetApp

SYSTEM AND COMMUNICATIONS PROTECTION

2.8 Protocol Access Controls - 'interface.blocked.snapmirror has been configured'TNS NetApp Data ONTAP 7GNetApp

SYSTEM AND COMMUNICATIONS PROTECTION

2.8 Protocol Access Controls - 'snmp.access has been configured'TNS NetApp Data ONTAP 7GNetApp

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.1 Ensure source routed packets are not accepted - 'net.ipv4.conf.all.accept_source_route' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.1 Ensure source routed packets are not accepted - 'net.ipv4.conf.default.accept_source_route' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.1 Ensure source routed packets are not accepted - 'sysctl net.ipv4.conf.all.accept_source_route'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.2 Ensure ICMP redirects are not accepted - 'net.ipv4.conf.all.accept_redirects' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.2 Ensure ICMP redirects are not accepted - 'net.ipv4.conf.default.accept_redirects' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.2 Ensure ICMP redirects are not accepted - 'sysctl net.ipv4.conf.all.accept_redirects'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.2 Ensure ICMP redirects are not accepted - 'sysctl net.ipv4.conf.default.accept_redirects'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.3 Ensure secure ICMP redirects are not accepted - 'sysctl net.ipv4.conf.default.secure_redirects'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.5 Ensure broadcast ICMP requests are ignored (sysctl exec)CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.7 Ensure Reverse Path Filtering is enabled - 'net.ipv4.conf.all.rp_filter' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure IPv6 router advertisements are not accepted - 'sysctl net.ipv6.conf.all.accept_ra'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.2 Ensure IPv6 redirects are not accepted - 'net.ipv6.conf.all.accept_redirects' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.2 Ensure IPv6 redirects are not accepted - 'sysctl net.ipv6.conf.default.accept_redirects'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1 Ensure TCP Wrappers is installedCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.1 Ensure iptables is installedCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2 Ensure default deny firewall policy - 'Chain INPUT'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2 Ensure default deny firewall policy - 'Chain INPUT'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.1 Ensure IPv4 default deny firewall policy - INPUTCIS Red Hat 6 Server L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.2 Ensure IPv4 loopback traffic is configured - INPUTCIS Red Hat 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.2 Ensure IPv4 loopback traffic is configured - OUTPUTCIS Red Hat 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.3 Ensure IPv4 outbound and established connections are configuredCIS Red Hat 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.3 Ensure IPv4 outbound and established connections are configuredCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3 Ensure loopback traffic is configured - outputCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3 Ensure loopback traffic is configured - outputCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.1 Ensure IPv6 default deny firewall policy - INPUTCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.2 Ensure IPv6 loopback traffic is configured - INPUTCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.2 Ensure IPv6 loopback traffic is configured - OUTPUTCIS Red Hat 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.3 Ensure IPv6 outbound and established connections are configuredCIS Red Hat 6 Server L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.3 Ensure IPv6 outbound and established connections are configuredCIS Oracle Linux 6 Server L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.4 Ensure IPv6 firewall rules exist for all open ports - iptablesCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.5 Ensure firewall rules exist for all open portsCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.5 Ensure firewall rules exist for all open portsCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.7 Disable Response to ICMP Broadcast Timestamp Requests - persistent ip = 0CIS Solaris 11 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

4.5.2 Create /etc/hosts.allowCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

7.2.1 Disable Source Routed Packet Acceptance - 'net.ipv4.conf.all.accept_source_route = 0'CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

7.2.7 Enable RFC-recommended Source Route Validation - 'net.ipv4.conf.all.rp_filter = 1'CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

7.3.1 Disable IPv6 Router Advertisements - 'net.ipv6.conf.default.accept_ra = 0'CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

9.1.1 Ensure 'Windows Firewall: Domain: Firewall state' is set to 'On (recommended)'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.2.1 Ensure 'Windows Firewall: Private: Firewall state' is set to 'On (recommended)'CIS Windows 7 Workstation Level 1 v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.3.1 Ensure 'Windows Firewall: Public: Firewall state' is set to 'On (recommended)'CIS Windows 7 Workstation Level 1 v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.3.1 Ensure 'Windows Firewall: Public: Firewall state' is set to 'On (recommended)'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.3.6 Ensure 'Windows Firewall: Public: Settings: Apply local connection security rules' is set to 'No'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure default deny firewall policy - Chain FORWARDTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure IP forwarding is disabledTNS Citrix HypervisorUnix

SYSTEM AND COMMUNICATIONS PROTECTION

XenServer - Ensure IP forwarding is disabledTNS Citrix XenServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION