Item Search

Name	Audit Name	Plugin	Category
1.1.1.1 Ensure cramfs kernel module is not available	CIS Amazon Linux 2 v3.0.0 L1	Unix	CONFIGURATION MANAGEMENT
1.1.1.2 Ensure freevxfs kernel module is not available	CIS Amazon Linux 2 v3.0.0 L1	Unix	CONFIGURATION MANAGEMENT
1.1.2.1.1 Ensure /tmp is a separate partition	CIS Amazon Linux 2 v3.0.0 L1	Unix	CONFIGURATION MANAGEMENT
1.1.2.1.3 Ensure nosuid option set on /tmp partition	CIS Amazon Linux 2 v3.0.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.1.2.2.2 Ensure nodev option set on /dev/shm partition	CIS Amazon Linux 2 v3.0.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.1.2.2.3 Ensure nosuid option set on /dev/shm partition	CIS Amazon Linux 2 v3.0.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.1.2.6.4 Ensure noexec option set on /var/log partition	CIS Amazon Linux 2 v3.0.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.2.5 Ensure updates, patches, and additional security software are installed	CIS Amazon Linux 2 v3.0.0 L1	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
2.1.6 Ensure LDAP server is not enabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
2.1.9 Ensure FTP Server is not enabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
2.1.13 Ensure HTTP Proxy Server is not enabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
2.1.14 Ensure SNMP Server is not enabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
2.1.17 Ensure rsh server is not enabled - rexec.socket status	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
2.1.19 Ensure tftp server is not enabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.1.1 Ensure IP forwarding is disabled - sysctl.conf sysctl.d	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.2 Ensure ICMP redirects are not accepted - sysctl.conf sysctl.d net.ipv4.conf.all.accept_redirects	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.3 Ensure secure ICMP redirects are not accepted - sysctl.conf sysctl.d net.ipv4.conf.default.secure_redirects	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.7 Ensure Reverse Path Filtering is enabled - sysctl.conf sysctl.d net.ipv4.conf.default.rp_filter	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.2 Ensure /etc/hosts.allow is configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.3.3 Ensure /etc/hosts.deny is configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.1.1 Ensure default deny firewall policy - Chain OUTPUT	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.1.2 Ensure loopback traffic is configured - input	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
4.2.3 Ensure permissions on all logfiles are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.1.1 Ensure cron daemon is enabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
5.1.3 Ensure permissions on /etc/cron.hourly are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.1.7 Ensure permissions on /etc/cron.d are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.1.8 Ensure at/cron is restricted to authorized users - cron.deny	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.1 Ensure permissions on /etc/ssh/sshd_config are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.10 Ensure SSH root login is disabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	ACCESS CONTROL
5.2.11 Ensure SSH PermitEmptyPasswords is disabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.2.18 Ensure SSH access is limited	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.3.1 Ensure password creation requirements are configured - lcredit	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.3.1 Ensure password creation requirements are configured - try_first_pass	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.3.2 Ensure lockout for failed password attempts is configured - password-auth 'auth [default=die] pam_faillock.so'	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.3.2 Ensure lockout for failed password attempts is configured - system-auth 'auth required pam_faillock.so'	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.3.3 Ensure password reuse is limited - system-auth	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.4.1.1 Ensure password expiration is 365 days or less - users	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.4.1.2 Ensure minimum days between password changes is 7 or more - login.defs	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.4.1.5 Ensure all users last password change date is in the past	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.4.4 Ensure default user umask is 027 or more restrictive - /etc/bashrc	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.5 Ensure root login is restricted to system console	CIS Aliyun Linux 2 L1 v1.0.0	Unix	ACCESS CONTROL
6.1.2 Ensure permissions on /etc/passwd are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
6.1.5 Ensure permissions on /etc/gshadow are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
6.1.12 Ensure no ungrouped files or directories exist	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.1.13 Audit SUID executables	CIS Aliyun Linux 2 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
6.1.14 Audit SGID executables	CIS Aliyun Linux 2 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
6.2.4 Ensure no legacy "+" entries exist in /etc/group	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.9 Ensure users own their home directories	CIS Aliyun Linux 2 L1 v1.0.0	Unix	ACCESS CONTROL
6.2.12 Ensure no users have .netrc files	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
6.2.15 Ensure all groups in /etc/passwd exist in /etc/group	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search