Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.3 Ensure nodev option set on /tmp partitionCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.18 Ensure sticky bit is set on all world-writable directoriesCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.19 Disable AutomountingCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.2.2 Ensure GPG keys are configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

SYSTEM AND INFORMATION INTEGRITY

2.1.1.2 Ensure ntp is configured - restrict -4CIS Aliyun Linux 2 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

2.1.1.3 Ensure chrony is configured - chrony server/poolCIS Aliyun Linux 2 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

2.1.7 Ensure NFS and RPC are not enabled - nfsCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.7 Ensure NFS and RPC are not enabled - nfs-serverCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.7 Ensure NFS and RPC are not enabled - nfs-server statusCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.7 Ensure NFS and RPC are not enabled - rpcbind statusCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.11 Ensure IMAP and POP3 server is not enabledCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.15 Ensure mail transfer agent is configured for local-only mode - statusCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.17 Ensure rsh server is not enabled - rexec.socketCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.19 Ensure tftp server is not enabled - statusCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.20 Ensure rsync service is not enabledCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.2.5 Ensure LDAP client is not installedCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.1.1 Ensure IP forwarding is disabled - sysctlCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.1.2 Ensure packet redirect sending is disabled - sysctl.conf sysctl.d net.ipv4.conf.default.send_redirectsCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.1 Ensure source routed packets are not accepted - sysctl.conf sysctl.d net.ipv6.conf.default.accept_source_routeCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.4 Ensure suspicious packets are logged - sysctl.conf sysctl.d net.ipv4.conf.all.log_martiansCIS Aliyun Linux 2 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

3.2.5 Ensure broadcast ICMP requests are ignored - sysctl net.ipv4.icmp_echo_ignore_broadcastsCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.9 Ensure IPv6 router advertisements are not accepted - sysctl.conf sysctl.d net.ipv6.conf.all.accept_raCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.5 Ensure permissions on /etc/hosts.deny are configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.4.4 Ensure TIPC is disabled - grep modprobe.dCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.5.1.4 Ensure firewall rules exist for all open portsCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.1 Ensure IPv6 default deny firewall policy - Chain OUTPUTCIS Aliyun Linux 2 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

4.2.1.1 Ensure rsyslog Service is enabledCIS Aliyun Linux 2 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.4 Ensure rsyslog is configured to send logs to a remote log hostCIS Aliyun Linux 2 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.5 Ensure remote rsyslog messages are only accepted on designated log hosts. - $ModLoadCIS Aliyun Linux 2 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.3 Ensure permissions on SSH public host key files are configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.2.4 Ensure sshd access is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.2.21 Ensure sshd PermitUserEnvironment is disabledCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT

4.3 Ensure logrotate is configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.3.1 Ensure sudo is installedCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL

4.3.7 Ensure access to the su command is restrictedCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.4.2.1.3 Ensure password unlock time is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL

4.4.2.2.4 Ensure password complexity is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

4.4.2.3.1 Ensure pam_pwhistory module is enabledCIS Amazon Linux 2 v3.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

4.4.2.3.4 Ensure pam_pwhistory includes use_authtokCIS Amazon Linux 2 v3.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.5.1.5 Ensure all users last password change date is in the pastCIS Amazon Linux 2 v3.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

4.5.2.2 Ensure root user umask is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.5.3.3 Ensure default user umask is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.1.2 Ensure rsyslog service is enabledCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

5.1.8 Ensure at/cron is restricted to authorized usersCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.2.13 Ensure only strong MAC algorithms are usedCIS Aliyun Linux 2 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.1.4 Ensure permissions on /etc/group- are configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

6.1.10 Ensure permissions on /etc/security/opasswd are configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

6.2.5 Ensure no duplicate GIDs existCIS Amazon Linux 2 v3.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

6.2.7 Ensure no duplicate group names existCIS Amazon Linux 2 v3.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

6.2.10 Ensure local interactive user home directories are configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION