Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.4 Disable NIS Server Services - domainCIS Solaris 11.1 L1 v1.0.0Unix
2.6 Disable Kerberos TGT Expiration WarningCIS Solaris 11.1 L1 v1.0.0Unix
2.7 Disable Generic Security Services (GSS)CIS Solaris 11.1 L1 v1.0.0Unix
3.1 Restrict Core Dumps to Protected Directory - /var/share/coresCIS Solaris 11.1 L1 v1.0.0Unix
3.1 Restrict Core Dumps to Protected Directory - global setid core dumps = enabledCIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

3.1 Restrict Core Dumps to Protected Directory - init core file contentCIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

3.4 Disable Source Packet Forwarding - current ipv4 = 0CIS Solaris 11.1 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.4 Disable Source Packet Forwarding - current ipv6 = 0CIS Solaris 11.1 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6 Disable Response to ICMP Timestamp Requests - current ip = 0CIS Solaris 11.1 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.10 Disable Response to Multicast Echo Request - current ipv4 = 0CIS Solaris 11.1 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.10 Disable Response to Multicast Echo Request - current ipv6 = 0CIS Solaris 11.1 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.12 Set Strict Multihoming - persistent ipv4 = 0CIS Solaris 11.1 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.12 Set Strict Multihoming - persistent ipv6 = 0CIS Solaris 11.1 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.13 Disable ICMP Redirect Messages - current ipv6 = 0CIS Solaris 11.1 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.14 Disable TCP Reverse IP Source Routing - current tcp = 0CIS Solaris 11.1 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.15 Set Maximum Number of Half-open TCP Connections - current tcp = 4096CIS Solaris 11.1 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.16 Set Maximum Number of Incoming Connections - current tcp = 1024CIS Solaris 11.1 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.17 Disable Network Routing - ipv4-forwarding current = disabledCIS Solaris 11.1 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

6.5 Disable Rhost-based Authentication for SSH - IgnoreRhosts = yesCIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

6.7 Blocking Authentication Using Empty/Null Passwords for SSH - PermitEmptyPasswords = noCIS Solaris 11.1 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

6.9 Restrict FTP UseCIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

6.11 Remove Autologin Capabilities from the GNOME desktop - pam.confCIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

6.12 Set Default Screen Lock for GNOME Users - lockTimeout = 0CIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

6.13 Restrict at/cron to Authorized Users - /etc/cron.d/at.allowCIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

6.15 Set Retry Limit for Account Lockout - LOCK_AFTER_RETRIES = yesCIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

6.17 Secure the GRUB Menu (Intel) - passwd.cfg - superusersCIS Solaris 11.1 L1 v1.0.0Unix

SYSTEM AND INFORMATION INTEGRITY

7.1 Disable System Accounts - Ensure account 'sys' disallows password loginCIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.1 Disable System Accounts - should pass if the default shell for 'lp' is set to /usr/bin/false.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.1 Disable System Accounts - should pass if the default shell for 'uucp' is set to /usr/bin/false.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.2 Set Strong Password Creation Policies - DICTIONLIST = /usr/share/lib/dict/wordsCIS Solaris 11.1 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

7.2 Set Strong Password Creation Policies - NAMECHECK = yesCIS Solaris 11.1 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

7.10 Ensure Password Encryption Uses SHA algorithms 'CRYPT_DEFAULT'CIS Solaris 10 L2 v5.2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

8.1 Create Warnings for Standard Login Services - etc/issue permsCIS Solaris 11.1 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

8.1 Create Warnings for Standard Login Services - etc/motd permsCIS Solaris 11.1 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

8.2 Enable a Warning Banner for the SSH Service - Banner = /etc/issueCIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

8.3 Create Warning Banner for GNOME Users - Check if banner is set correctlyCIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

8.4 Enable a Warning Banner for the FTP service - DisplayConnect /etc/issueCIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

8.5 Check Banner Setting for telnet is NullCIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

8.5 Check that the Banner Setting for telnet is Null - BANNER =CIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

9.1 Check for Remote ConsolesCIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

9.2 Verify System File Permissions - /etc/shadow File Permissions.CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

9.4 Verify No Legacy '+' Entries Exist in passwd, shadow, and group Files - Check for groupCIS Solaris 10 L1 v5.2Unix

CONFIGURATION MANAGEMENT

9.10 Check for Presence of User .rhosts FilesCIS Solaris 11.1 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

9.19 Check for Duplicate Group NamesCIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

9.19 Check for Duplicate Group NamesCIS Solaris 11.1 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

9.21 Check for presence of user .forward files - Checks for the presence of .forward files in home directories.CIS Solaris 10 L1 v5.2Unix

CONFIGURATION MANAGEMENT

9.22 Find World Writable FilesCIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

9.24 Find Un-owned Files and DirectoriesCIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

10.2 Use full path names in /etc/dfs/dfstab fileCIS Solaris 10 L2 v5.2Unix

CONFIGURATION MANAGEMENT

11.4 Samba: Set Secure Permissions on smbpasswd FileCIS Solaris 10 L2 v5.2Unix