Item Search

Name	Audit Name	Plugin	Category
1.1.2.1.2 Ensure nodev option set on /tmp partition	CIS Amazon Linux 2 v3.0.0 L1	Unix	CONFIGURATION MANAGEMENT
1.1.2.3.3 Ensure nosuid option set on /home partition	CIS Amazon Linux 2 v3.0.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.1.2.4.3 Ensure nosuid option set on /var partition	CIS Amazon Linux 2 v3.0.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.1.2.6.2 Ensure nodev option set on /var/log partition	CIS Amazon Linux 2 v3.0.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.1.2.7.2 Ensure nodev option set on /var/log/audit partition	CIS Amazon Linux 2 v3.0.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.4.3 Ensure core dump backtraces are disabled	CIS Amazon Linux 2 v3.0.0 L1	Unix	ACCESS CONTROL
1.5.1.2 Ensure SELinux is not disabled in bootloader configuration	CIS Amazon Linux 2 v3.0.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.5.1.8 Ensure SETroubleshoot is not installed	CIS Amazon Linux 2 v3.0.0 L1	Unix	CONFIGURATION MANAGEMENT
2.1.1 Ensure time synchronization is in use	CIS Amazon Linux 2 v3.0.0 L1	Unix	AUDIT AND ACCOUNTABILITY
2.2.9 Ensure network file system services are not in use	CIS Amazon Linux 2 v3.0.0 L1	Unix	CONFIGURATION MANAGEMENT
2.3.3 Ensure nis client is not installed	CIS Amazon Linux 2 v3.0.0 L1	Unix	CONFIGURATION MANAGEMENT
3.2.9 Ensure IPv6 router advertisements are not accepted - sysctl net.ipv6.conf.default.accept_ra	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.9 Ensure IPv6 router advertisements are not accepted - sysctl.conf sysctl.d net.ipv6.conf.default.accept_ra	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.1 Ensure TCP Wrappers is installed	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.3.10 Ensure tcp syn cookies is enabled	CIS Amazon Linux 2 v3.0.0 L1	Unix	CONFIGURATION MANAGEMENT
3.4.1 Ensure DCCP is disabled - grep modprobe.d	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.4.1 Ensure DCCP is disabled - modprobe	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.4.2 Ensure SCTP is disabled - modprobe	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.4.4 Ensure TIPC is disabled - modprobe	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.5.1.2 Ensure loopback traffic is configured - output	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.2.1 Ensure IPv6 default deny firewall policy - Chain INPUT	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.2.2 Ensure IPv6 loopback traffic is configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.2.3 Ensure IPv6 outbound and established connections are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.3 Ensure iptables is installed	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
4.2.1.2 Ensure logging is configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.3 Ensure rsyslog default file permissions configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.2.2 Ensure rsyslog is installed	CIS Aliyun Linux 2 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
5.1.4 Ensure permissions on /etc/cron.daily are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.1.5 Ensure permissions on /etc/cron.weekly are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.1.6 Ensure permissions on /etc/cron.monthly are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.9 Ensure SSH HostbasedAuthentication is disabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
5.2.12 Ensure SSH PermitUserEnvironment is disabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.17 Ensure only strong ciphers are used	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
5.3.1 Ensure password creation requirements are configured - minlen	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.3.1 Ensure password creation requirements are configured - ocredit	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.3.2 Ensure lockout for failed password attempts is configured - password-auth 'auth sufficient pam_faillock.so'	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.3.2 Ensure lockout for failed password attempts is configured - system-auth 'auth sufficient pam_faillock.so'	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.3.4 Ensure password hashing algorithm is SHA-512 - system-auth	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.4.1.4 Ensure inactive password lock is 30 days or less - useradd	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.4.2 Ensure system accounts are non-login	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.4.3 Ensure default group for the root account is GID 0	CIS Aliyun Linux 2 L1 v1.0.0	Unix	ACCESS CONTROL
6.1.4 Ensure permissions on /etc/group are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
6.1.8 Ensure permissions on /etc/group- are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
6.2.3 Ensure no legacy "+" entries exist in /etc/shadow	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.6 Ensure root PATH Integrity	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.8 Ensure users' home directories permissions are 750 or more restrictive	CIS Aliyun Linux 2 L1 v1.0.0	Unix	ACCESS CONTROL
6.2.10 Ensure users' dot files are not group or world writable	CIS Aliyun Linux 2 L1 v1.0.0	Unix	ACCESS CONTROL
6.2.11 Ensure no users have .forward files	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.16 Ensure no duplicate UIDs exist	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.18 Ensure no duplicate user names exist	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search