Item Search

Name	Audit Name	Plugin	Category
GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - /etc/passwd reboot'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
GEN000000-LNX00420 - The /etc/security/access.conf file must have a privileged group owner.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN001140 - System files and directories must not have uneven access permissions - '/usr/bin/*'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN001140 - System files and directories must not have uneven access permissions - '/usr/lbin/*'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN001140 - System files and directories must not have uneven access permissions - '/usr/sbin/*'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN001140 - System files and directories must not have uneven access permissions - '/usr/usb/*'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN001360 - The NIS/NIS+/yp command files must have mode 0755 or less permissive.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN001363 - The /etc/resolv.conf file must be group-owned by root, bin, or sys.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN001475 - The /etc/group file must not contain any group password hashes.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN001500 - All interactive user home directories must be owned by their respective users.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN001540 - All files and directories contained in interactive user home directories must be owned by the home directorys owner.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN001550 - All files and directories contained in user home directories must be group-owned by a group of which the home directorys owner is a member.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN001560 - All files and directories contained in user home directories must have mode 0750 or less permissive.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN001570 - All files and directories contained in user home directories must not have extended ACLs.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN002320 - Audio devices must have mode 0660 or less permissive - '/dev/audio*'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN002320 - Audio devices must have mode 0660 or less permissive - '/dev/snd/*'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN002420 - Removable media, remote file systems, and any file system not containing approved setuid files must be mounted with the nosuid option - nosuid option.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN003440 - At jobs must not set the umask to a value less restrictive than 077 - At jobs must not set the umask to a value less restrictive than 077.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN004420 - Files executed through a mail aliases file must have mode 0755 or less permissive.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN004510 - The SMTP service log file must not have an extended ACL.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN004930 - The ftpusers file must be group-owned by root, bin, sys, or system - '/etc/vsftpd.ftpusers'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN004950 - The ftpusers file must not have an extended ACL - '/etc/ftpusers'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN004950 - The ftpusers file must not have an extended ACL - '/etc/vsftpd.ftpusers'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN005000 - Anonymous FTP accounts must not have a functional shell.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN005040 - All FTP users must have a default umask of 077 - '/etc/xinetd.d/gssftp'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN005140 - Any active TFTP daemon must be authorized and approved in the system accreditation package.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN005200 - X displays must not be exported to the world.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN005240 - The .Xauthority utility must only permit access to authorized hosts.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN005340 - Management Information Base (MIB) files must have mode 0640 or less permissive.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN005350 - Management Information Base (MIB) files must not have extended ACLs.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN005390 - The /etc/syslog.conf file must have mode 0640 or less permissive - /etc/syslog.conf	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN005420 - The /etc/syslog.conf file must be group-owned by root, bin, sys, or system.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN005522 - The SSH public host key files must have mode 0644 or less permissive.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN005760 - The Network File System (NFS) export configuration file must have mode 0644 or less permissive.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN006140 - The /etc/smb.conf file must have mode 0644 or less permissive.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN006160 - The /etc/smbpasswd file must be owned by root - '/etc/samba/passdb.tdb'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN006220 - The smb.conf file must use the hosts option to restrict access to Samba - hosts option to restrict access to Samba.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN006280 - The /etc/news/infeed.conf (or equivalent) must have mode 0600 or less permissive.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN006290 - The /etc/news/hosts.nntp.nolimit file must not have an extended ACL.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN006300 - The /etc/news/readers.conf (or equivalent) must have mode 0600 or less permissive - or equivalent must have mode 0600 or less permissive	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN006340 - Files in /etc/news must be owned by root or news.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN008080 - If the system is using LDAP for authentication or account information, the /etc/ldap.conf (or equivalent) file must be owned by root - or equivalent file must be owned by root.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN008100 - If the system is using LDAP for authentication or account information, the /etc/ldap.conf (or equivalent) file must be group-owned by root, bin, sys, or system.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN008160 - If the system is using LDAP for authentication or account information, the TLS certificate authority file and/or directory (as appropriate) must be group-owned by root, bin, sys, or system - '/etc/ssl/'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN008180 - If the system is using LDAP for authentication or account information, the TLS certificate authority file and/or directory (as appropriate) must have mode 0644 (0755 for directories) or less permissive - '/etc/ssl/ca.cert'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN008200 - If the system is using LDAP for authentication or account information, the LDAP TLS certificate authority file and/or directory (as appropriate) must not have an extended ACL - as appropriate must not have an extended ACL.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN008220 - For systems using NSS LDAP, the TLS certificate file must be owned by root - ''/etc/openldap/cacerts/cert.pem	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN008260 - If the system is using LDAP for authentication or account information, the LDAP TLS certificate file must have mode 0644 or less permissive - '/etc/openldap/cacerts/cert.pem'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN008320 - If the system is using LDAP for authentication or account information, the LDAP TLS key file must be group-owned by root, bin, or sys - '/etc/openldap/cacerts/key.pem'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN008360 - If the system is using LDAP for authentication or account information, the LDAP TLS key file must not have an extended ACL - '/etc/openldap/cacerts/key.pem'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search