Item Search

Name	Audit Name	Plugin	Category
1.1.1.4 Ensure mounting of FAT filesystems is limited - EFI /etc/fstab	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.4 Ensure nodev option set on /tmp partition	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.7 Ensure separate partition exists for /var/tmp	CIS Debian Family Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.8 Ensure nodev option set on /var/tmp partition	CIS Debian Family Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.9 Ensure nosuid option set on /var/tmp partition	CIS Debian Family Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.13 Ensure separate partition exists for /home	CIS Debian Family Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.15 Ensure nodev option set on /dev/shm partition	CIS Debian Family Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.18 Ensure nodev option set on removable media partitions	CIS Debian Family Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.5.1 Ensure bootloader password is set - GRUB2_PASSWORD	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.5.2 Ensure bootloader password is set - set superusers	CIS Debian Family Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.5.3 Ensure authentication required for single user mode - /usr/lib/systemd/system/rescue.service	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.6.1 Ensure core dumps are restricted - /etc/sysctl.d/*	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.6.4 Ensure core dumps are restricted - limits.conf limits.d	CIS Debian Family Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.8.1.1 Ensure message of the day is configured properly	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.10 Ensure GDM is removed or login is configured - gdm file-db	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.1 Ensure IP forwarding is disabled - sysctl.conf ipv4	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.2 Ensure packet redirect sending is disabled - 'net.ipv4.conf.all.send_redirects = 0'	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.2 Ensure packet redirect sending is disabled - 'net.ipv4.conf.default.send_redirects = 0'	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.1 Ensure source routed packets are not accepted - sysctl net.ipv6.conf.default.accept_source_route	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.2 Ensure ICMP redirects are not accepted - 'net.ipv4.conf.all.accept_redirects = 0'	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.2 Ensure ICMP redirects are not accepted - 'net.ipv6.conf.default.accept_redirects = 0'	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.3 Ensure secure ICMP redirects are not accepted - 'net.ipv4.conf.all.secure_redirects = 0'	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.5 Ensure broadcast ICMP requests are ignored - sysctl net.ipv4.icmp_echo_ignore_broadcasts	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.9 Ensure IPv6 router advertisements are not accepted - net.ipv6.conf.default.accept_ra = 0	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.3 Ensure events that modify date and time information are collected - /etc/localtime	CIS Debian Family Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.3 Ensure events that modify date and time information are collected - auditctl adjtimex	CIS Debian Family Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.3 Ensure events that modify date and time information are collected - auditctl clock_settime	CIS Debian Family Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.3 Ensure events that modify date and time information are collected - auditctl clock_settime	CIS Debian Family Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.3 Ensure events that modify date and time information are collected - auditctl settimeofday,adjtimex x64	CIS Debian Family Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.5 Ensure events that modify the system's network environment are collected - /etc/hosts	CIS Debian Family Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.5 Ensure events that modify the system's network environment are collected - /etc/sysconfig/network	CIS Debian Family Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.5 Ensure events that modify the system's network environment are collected - auditctl '/etc/hosts'	CIS Debian Family Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.5 Ensure events that modify the system's network environment are collected - auditctl '/etc/issue'	CIS Debian Family Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.5 Ensure events that modify the system's network environment are collected - auditctl '/etc/network'	CIS Debian Family Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.5 Ensure events that modify the system's network environment are collected - auditctl 'issue.net'	CIS Debian Family Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.5 Ensure events that modify the system's network environment are collected - auditctl 'sethostname setdomainname' x64	CIS Debian Family Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/apparmor.d/	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/apparmor	CIS Debian Family Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/apparmor/	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chown fchown fchownat lchown x64	CIS Debian Family Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.12 Ensure successful file system mounts are collected - auditctl mount	CIS Debian Family Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - /sbin/modprobe	CIS Debian Family Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl insmod	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl modules	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.1.1 Ensure cron daemon is enabled and running - is-enabled	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.1.3 Ensure permissions on /etc/cron.hourly are configured	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.12 Ensure SSH PermitUserEnvironment is disabled	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.19 Ensure SSH PAM is enabled	CIS Debian Family Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.22 Ensure SSH MaxSessions is limited	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.3 Ensure root is the only UID 0 account	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search