Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1 Create Separate Partition for /tmpCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.1.14 Add nodev Option to /dev/shm PartitionCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.2.1 Ensure package manager repositories are properly configuredCIS NGINX Benchmark v2.1.0 L1 WebserverUnix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.5.1 Set User/Group Owner on /etc/grub.confCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

1.5.5 Disable Interactive BootCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

1.6.5 Disable Prelink - PRELINKING=noCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

2.1.9 Remove talkCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

2.1.12 Disable chargen-dgramCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

2.1.15 Disable daytime-streamCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

2.1.17 Disable echo-streamCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

3.1.3 Check Responses TTL Field - check-response-ttl=yesCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

3.1.6 Restrict Published Information (if publishing is required) - publish-workstation=noCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

3.3 Remove X Windows - /etc/inittab- id:3:initdefault:CIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

3.4 Disable Print Server - CUPSCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

3.4.2.1 Ensure nftables is installedCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.1.2 Ensure nftables is not installed with iptablesCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.1.2 Ensure nftables is not installed with iptablesCIS Debian 10 Workstation L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.1.2 Ensure nftables is not installed with iptablesCIS CentOS Linux 8 Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.1.2 Ensure nftables is not installed with iptablesCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.8 Disable NFS and RPC - nfslockCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

3.8 Disable NFS and RPC - portmapCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

3.16 Configure Mail Transfer Agent for Local-Only Mode - O DaemonPortOptions=Port=smtp, Addr=127.0.0.1, Name=MTACIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

4.2.2 Disable ICMP Redirect Acceptance - net.ipv4.conf.default.accept_redirects = 0CIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

4.2.4 Log Suspicious Packets - net.ipv4.conf.all.log_martians = 1CIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

CONFIGURATION MANAGEMENT

4.4.1.2 Ensure nftables is not in use with iptablesCIS Debian Linux 12 v1.1.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.1.2 Ensure nftables is not in use with iptablesCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.5.4 Create /etc/hosts.denyCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-06-000534 - The Red Hat Enterprise Linux operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards - grubDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-08-030310 - Successful/unsuccessful uses of the unix_update in RHEL 8 must generate an audit record.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

AUDIT AND ACCOUNTABILITY

RHEL-08-030313 - Successful/unsuccessful uses of semanage in RHEL 8 must generate an audit record.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

AUDIT AND ACCOUNTABILITY

RHEL-08-030316 - Successful/unsuccessful uses of setsebool in RHEL 8 must generate an audit record.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

AUDIT AND ACCOUNTABILITY

RHEL-08-030590 - Successful/unsuccessful modifications to the faillock log file in RHEL 8 must generate an audit record.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

AUDIT AND ACCOUNTABILITY

RHEL-08-030650 - RHEL 8 must use cryptographic mechanisms to protect the integrity of audit tools.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

AUDIT AND ACCOUNTABILITY

RHEL-08-030680 - RHEL 8 must have the packages required for encrypting offloaded audit logs installed.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-08-040022 - RHEL 8 must disable the controller area network (CAN) protocol.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-08-040090 - A RHEL 8 firewall must employ a deny-all, allow-by-exception policy for allowing connections to other systems.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

ACCESS CONTROL

RHEL-08-040127 - RHEL 8 must mount /var/log with the nosuid option.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-08-040128 - RHEL 8 must mount /var/log with the noexec option.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-08-040133 - RHEL 8 must mount /var/tmp with the nosuid option.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-08-040140 - RHEL 8 must block unauthorized peripherals before establishing a connection.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-08-040159 - All RHEL 8 networked systems must have SSH installed.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-08-040180 - The debug-shell systemd service must be disabled on RHEL 8.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-08-040239 - RHEL 8 must not forward IPv4 source-routed packets.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-08-040259 - RHEL 8 must not enable IPv4 packet forwarding unless the system is a router.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-08-040261 - RHEL 8 must not accept router advertisements on all IPv6 interfaces.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-08-040282 - RHEL 8 must restrict usage of ptrace to descendant processes.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-08-040290 - RHEL 8 must be configured to prevent unrestricted mail relaying.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-08-040300 - The RHEL 8 file integrity tool must be configured to verify extended attributes.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-08-040310 - The RHEL 8 file integrity tool must be configured to verify Access Control Lists (ACLs).DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

CONFIGURATION MANAGEMENT

RHEL-08-040320 - The graphical display manager must not be installed on RHEL 8 unless approved.DISA Red Hat Enterprise Linux 8 STIG v2r3Unix

CONFIGURATION MANAGEMENT