Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.14 Ensure nodev option set on /home partitionCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.16 Ensure nosuid option set on /dev/shm partitionCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.4.1 Ensure permissions on bootloader config are configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.7.1.1 Ensure message of the day is configured properly - banner textCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.7.1.2 Ensure local login warning banner is configured properly - banner checkCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.7.1.3 Ensure remote login warning banner is configured properly - msrvCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.1.1 Ensure time synchronization is in useCIS Aliyun Linux 2 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

2.1.7 Ensure NFS and RPC are not enabled - nfs statusCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.7 Ensure NFS and RPC are not enabled - rpcbindCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.11 Ensure IMAP and POP3 server is not enabled - statusCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.12 Ensure Samba is not enabledCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.16 Ensure NIS Server is not enabledCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.16 Ensure NIS Server is not enabled - statusCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.17 Ensure rsh server is not enabled - rlogin.socket statusCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.20 Ensure rsync service is not enabled - statusCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.21 Ensure talk server is not enabledCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.2.1 Ensure NIS Client is not installedCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.2.2 Ensure rsh client is not installedCIS Aliyun Linux 2 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

2.2.3 Ensure talk client is not installedCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.2.4 Ensure telnet client is not installedCIS Aliyun Linux 2 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

3.1.1 Ensure IP forwarding is disabled - ipv6 sysctl.conf sysctl.dCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.1.2 Ensure packet redirect sending is disabled - net.ipv4.conf.all.send_redirectsCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.1.2 Ensure packet redirect sending is disabled - net.ipv4.conf.default.send_redirectsCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.1 Ensure source routed packets are not accepted - sysctl net.ipv6.conf.default.accept_source_routeCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.2 Ensure ICMP redirects are not accepted - sysctl net.ipv6.conf.default.accept_redirectsCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.2 Ensure ICMP redirects are not accepted - sysctl.conf sysctl.d net.ipv4.conf.default.accept_redirectsCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.2 Ensure ICMP redirects are not accepted - sysctl.conf sysctl.d net.ipv6.conf.all.accept_redirectsCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.4 Ensure suspicious packets are logged - sysctl net.ipv4.conf.default.log_martiansCIS Aliyun Linux 2 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

3.2.5 Ensure broadcast ICMP requests are ignored - sysctl.conf sysctl.d net.ipv4.icmp_echo_ignore_broadcastsCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.6 Ensure bogus ICMP responses are ignored - sysctl net.ipv4.icmp_ignore_bogus_error_responsesCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.6 Ensure bogus ICMP responses are ignored - sysctl.conf sysctl.d net.ipv4.icmp_ignore_bogus_error_responsesCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.7 Ensure Reverse Path Filtering is enabled - sysctl net.ipv4.conf.all.rp_filterCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.8 Ensure TCP SYN Cookies is enabled - sysctl.conf sysctl.d net.ipv4.tcp_syncookiesCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.9 Ensure IPv6 router advertisements are not accepted - sysctl net.ipv6.conf.default.accept_raCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.9 Ensure IPv6 router advertisements are not accepted - sysctl.conf sysctl.d net.ipv6.conf.default.accept_raCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.1 Ensure TCP Wrappers is installedCIS Aliyun Linux 2 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

4.4.1.1 Ensure latest version of pam is installedCIS Amazon Linux 2 v3.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

4.4.2.2.2 Ensure password number of changed characters is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

4.4.2.2.3 Ensure password length is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

4.4.2.2.7 Ensure password dictionary check is enabledCIS Amazon Linux 2 v3.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

4.4.2.4.1 Ensure pam_unix does not include nullokCIS Amazon Linux 2 v3.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

5.1.2.1.2 Ensure systemd-journal-remote is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

5.1.2.5 Ensure journald is not configured to send logs to rsyslogCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

5.1.4 Ensure all logfiles have appropriate access configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.3.1 Ensure AIDE is installedCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

6.1.1 Ensure permissions on /etc/passwd are configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

6.1.2 Ensure permissions on /etc/passwd- are configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

6.1.3 Ensure permissions on /etc/group are configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

6.1.6 Ensure permissions on /etc/shadow- are configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

6.2.11 Ensure local interactive user dot files access is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION