Item Search

Name	Audit Name	Plugin	Category
1.1.1 Ensure /tmp is configured	CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.2 Ensure /tmp is configured	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.3 Ensure nodev option set on /tmp partition	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.12 Ensure /var/tmp partition includes the nodev option	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.13 Ensure /var/tmp partition includes the nosuid option	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.17 Ensure separate partition exists for /home	CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.5.2 Ensure core dumps are restricted	CIS SUSE Linux Enterprise 15 v2.0.1 L1 Workstation	Unix	CONFIGURATION MANAGEMENT
1.5.4 Ensure core dumps are restricted - processsizemax	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.5.4 Ensure core dumps are restricted - storage	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.5.4 Ensure core dumps are restricted - sysctl	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.7.2 Ensure local login warning banner is configured properly - banner	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.1 Ensure packet redirect sending is disabled - sysctl net.ipv4.conf.all.send_redirects	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.1 Ensure packet redirect sending is disabled - sysctl net.ipv4.conf.default.send_redirects	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.1 Ensure source routed packets are not accepted - net.ipv4.conf.default.accept_source_route (sysctl.conf/sysctl.d)	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.1 Ensure source routed packets are not accepted - net.ipv6.conf.default.accept_source_route (sysctl.conf/sysctl.d)	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.1 Ensure source routed packets are not accepted - net.ipv6.conf.default.accept_source_route (sysctl.conf/sysctl.d)	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.1 Ensure source routed packets are not accepted - sysctl net.ipv4.conf.default.accept_source_route	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.2 Ensure ICMP redirects are not accepted - net.ipv4.conf.all.accept_redirects (sysctl.conf/sysctl.d)	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.2 Ensure ICMP redirects are not accepted - net.ipv4.conf.default.accept_redirects (sysctl.conf/sysctl.d)	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.3 Ensure secure ICMP redirects are not accepted - 'sysctl net.ipv4.conf.default.secure_redirects'	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.5 Ensure broadcast ICMP requests are ignored - sysctl.conf/sysctl.d	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.6 Ensure bogus ICMP responses are ignored - (sysctl exec)	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.6 Ensure bogus ICMP responses are ignored - (sysctl exec)	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.7 Ensure Reverse Path Filtering is enabled - 'net.ipv4.conf.default.rp_filter' (sysctl.conf/sysctl.d)	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.7 Ensure Reverse Path Filtering is enabled - 'sysctl net.ipv4.conf.all.rp_filter'	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.8 Ensure TCP SYN Cookies is enabled - sysctl.conf/sysctl.d	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.8 Ensure TCP SYN Cookies is enabled - sysctl.conf/sysctl.d	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.9 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.all.accept_ra' (sysctl.conf/sysctl.d)	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.9 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.default.accept_ra' (sysctl.conf/sysctl.d)	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.9 Ensure IPv6 router advertisements are not accepted - 'sysctl net.ipv6.conf.all.accept_ra'	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.9 Ensure IPv6 router advertisements are not accepted - 'sysctl net.ipv6.conf.default.accept_ra'	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl /sbin/insmod	CIS Red Hat 6 Workstation L2 v3.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl /sbin/modprobe	CIS Red Hat 6 Server L2 v3.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_module/delete_module (32-bit)	CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_module/delete_module (64-bit)	CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl insmod	CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl modprobe	CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl rmmod	CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl rmmod	CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - rules.d /sbin/rmmod	CIS Red Hat 6 Server L2 v3.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - rules.d modules	CIS Red Hat 6 Workstation L2 v3.0.0	Unix	CONFIGURATION MANAGEMENT
5.3.18 Ensure SSH LoginGraceTime is set to one minute or less	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.3.19 Ensure SSH warning banner is configured	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.3.20 Ensure SSH PAM is enabled	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.3.22 Ensure SSH MaxStartups is configured	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.3.23 Ensure SSH MaxSessions is limited	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.7 Ensure access to the su command is restricted	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.9 Ensure no users have .forward files	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.12 Ensure root PATH Integrity	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
9.2.11 Check Groups in /etc/passwd	CIS Red Hat Enterprise Linux 5 L1 v2.2.1	Unix	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search