Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Use the Latest Package UpdatesCIS Solaris 11.2 L1 v1.1.0Unix

SYSTEM AND INFORMATION INTEGRITY

2.5 Disable NIS Client Services - domainCIS Solaris 11 L1 v1.1.0Unix
2.6 Disable Kerberos TGT Expiration WarningCIS Solaris 11 L1 v1.1.0Unix
2.7 Disable Generic Security Services (GSS)CIS Solaris 11 L1 v1.1.0Unix
2.8 Disable Removable Volume Manager - rmvolmgrCIS Solaris 11 L1 v1.1.0Unix
2.10 Disable Apache ServiceCIS Solaris 11.2 L1 v1.1.0Unix
2.11 Configure TCP Wrappers - hosts.allowCIS Solaris 11.2 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.11 Configure TCP Wrappers - inetadm tcp_wrapers = trueCIS Solaris 11.2 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.11 Disable Local-only RPC Port Mapping ServiceCIS Solaris 11 L1 v1.1.0Unix
3.1 Restrict Core Dumps to Protected Directory - /var/coresCIS Solaris 11 L1 v1.1.0Unix
3.1 Restrict Core Dumps to Protected Directory - global core file contentCIS Solaris 11 L1 v1.1.0Unix

ACCESS CONTROL

3.4 Disable Source Packet Forwarding - current ipv4 = 0CIS Solaris 11.2 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5 Disable Directed Broadcast Packet Forwarding - current ip = 0CIS Solaris 11.2 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5 Disable Directed Broadcast Packet Forwarding - persistent ip = 0CIS Solaris 11.2 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.7 Disable Response to ICMP Broadcast Timestamp Requests - current ip = 0CIS Solaris 11.2 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.8 Disable Response to ICMP Broadcast Netmask Requests - current ip = 0CIS Solaris 11 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.10 Disable Response to Multicast Echo Request - current ipv4 = 0CIS Solaris 11.2 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.10 Disable Response to Multicast Echo Request - persistent ipv4 = 0CIS Solaris 11.2 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.11 Ignore ICMP Redirect Messages - current ipv4 = 1CIS Solaris 11 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.12 Set Strict Multihoming - current ipv4 = 0CIS Solaris 11 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.13 Disable ICMP Redirect Messages - persistent ipv4 = 0CIS Solaris 11 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.13 Disable ICMP Redirect Messages - persistent ipv6 = 0CIS Solaris 11 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.15 Set Maximum Number of Half-open TCP Connections - persistent tcp = 4096CIS Solaris 11.2 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.17 Disable Network Routing - ipv4-forwarding persistent = disabledCIS Solaris 11.2 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.17 Disable Network Routing - ipv4-forwarding current = disabledCIS Solaris 11 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.17 Disable Network Routing - ipv4-forwarding persistent = disabledCIS Solaris 11 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

5.1 Set Sticky Bit on World Writable DirectoriesCIS Solaris 11.2 L1 v1.1.0Unix

ACCESS CONTROL

6.5 Disable Rhost-based Authentication for SSHCIS Solaris 11.2 L1 v1.1.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

6.8 Disable Host-based Authentication for Login-based Services - rlogin auth sufficient pam_rhosts_auth.so.1CIS Solaris 11.2 L1 v1.1.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

6.9 Restrict FTP Use - /etc/ftpd/ftpusersCIS Solaris 11.2 L1 v1.1.0Unix

ACCESS CONTROL

6.11 Remove Autologin Capabilities from the GNOME desktop - pam.d/gdm-autologinCIS Solaris 11.2 L1 v1.1.0Unix

ACCESS CONTROL

6.12 Set Default Screen Lock for GNOME Users - timeout = 10CIS Solaris 11.2 L1 v1.1.0Unix

ACCESS CONTROL

6.13 Restrict at/cron to Authorized Users - /etc/cron.d/cron.allow permsCIS Solaris 11.2 L1 v1.1.0Unix

ACCESS CONTROL

6.14 Restrict root Login to System Console - CONSOLE = /dev/consoleCIS Solaris 11 L1 v1.1.0Unix

ACCESS CONTROL

6.16 Set EEPROM Security Mode and Log Failed Access (SPARC) - eeprom security-#badlogins = 0CIS Solaris 11.2 L1 v1.1.0Unix

SYSTEM AND INFORMATION INTEGRITY

6.16 Set EEPROM Security Mode and Log Failed Access (SPARC) - eeprom security-mode = commandCIS Solaris 11 L1 v1.1.0Unix

SYSTEM AND INFORMATION INTEGRITY

6.17 Secure the GRUB Menu (Intel) - lockCIS Solaris 11 L1 v1.1.0Unix

SYSTEM AND INFORMATION INTEGRITY

6.17 Secure the GRUB Menu (Intel) - menu.lst permsCIS Solaris 11 L1 v1.1.0Unix

SYSTEM AND INFORMATION INTEGRITY

7.2 Set Strong Password Creation Policies - MINALPHA = 2CIS Solaris 11.2 L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

7.2 Set Strong Password Creation Policies - MINNONALPHA = 1CIS Solaris 11.2 L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

7.5 Set "mesg n" as Default for All Users - /etc/.login mesg = nCIS Solaris 11.2 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

9.1 Check for Remote ConsolesCIS Solaris 11.2 L1 v1.1.0Unix

ACCESS CONTROL

9.4 Ensure Password Fields are Not EmptyCIS Solaris 11.1 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

9.6 Ensure root PATH Integrity - writeable dir in pathCIS Solaris 11.2 L1 v1.1.0Unix

ACCESS CONTROL

9.7 Check Permissions on User Home DirectoriesCIS Solaris 11.1 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

9.8 Check Permissions on User '.' (Hidden) FilesCIS Solaris 11.1 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

9.12 Check That Users Are Assigned Home DirectoriesCIS Solaris 11.2 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

9.14 Check User Home Directory OwnershipCIS Solaris 11.2 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

9.17 Check for Duplicate User NamesCIS Solaris 11.2 L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

9.19 Check for Presence of User .netrc FilesCIS Solaris 11.2 L1 v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION