Detections
Analytics

Item Search

NameAudit NamePluginCategory
ADBP-XI-000295 - The Adobe Acrobat Pro XI send and Track plugin for Outlook must be disabled.DISA Adobe Acrobat Pro XI STIG v1r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

ADBP-XI-001285 - Adobe Acrobat Pro XI must disable the ability to store files on Acrobat.com.DISA Adobe Acrobat Pro XI STIG v1r2Windows

CONFIGURATION MANAGEMENT

ADBP-XI-001335 - Adobe Acrobat Pro XI certified document trust must be disabled.DISA Adobe Acrobat Pro XI STIG v1r2Windows

CONFIGURATION MANAGEMENT

AIOS-02-090101 - Apple iOS must implement the management setting: Disable Allow iCloud Photo Library.AirWatch - DISA Apple iOS 10 v1r3MDM

CONFIGURATION MANAGEMENT

AIOS-03-080101 - Apple iOS must implement the management setting: use SSL for Exchange ActiveSync.AirWatch - DISA Apple iOS 10 v1r3MDM

CONFIGURATION MANAGEMENT

AIOS-10-080102 - Apple iOS must implement the management setting: remove managed applications upon unenrollment from MDM.AirWatch - DISA Apple iOS 10 v1r3MDM

CONFIGURATION MANAGEMENT

AIX7-00-002142 - The AIX /etc/hosts file must have a mode of 0640 or less permissive.DISA STIG AIX 7.x v3r1Unix

CONFIGURATION MANAGEMENT

AIX7-00-002143 - AIX cron and crontab directories must have a mode of 0640 or less permissive.DISA STIG AIX 7.x v3r1Unix

CONFIGURATION MANAGEMENT

AZLX-23-000215 - Amazon Linux 2023 must disable access to network bpf system call from nonprivileged processes.DISA Amazon Linux 2023 STIG v1r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

AZLX-23-000225 - Amazon Linux 2023 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution.DISA Amazon Linux 2023 STIG v1r2Unix

SYSTEM AND INFORMATION INTEGRITY

AZLX-23-002185 - Amazon Linux 2023 must audit all uses of the shutdown command.DISA Amazon Linux 2023 STIG v1r2Unix

AUDIT AND ACCOUNTABILITY

AZLX-23-002270 - Amazon Linux 2023 must ensure the audit log directory be owned by root to prevent unauthorized read access.DISA Amazon Linux 2023 STIG v1r2Unix

SYSTEM AND INFORMATION INTEGRITY

AZLX-23-002275 - Amazon Linux 2023 audit logs file must have mode "0600" or less permissive to prevent unauthorized access to the audit log.DISA Amazon Linux 2023 STIG v1r2Unix

SYSTEM AND INFORMATION INTEGRITY

AZLX-23-002325 - Amazon Linux 2023 must ensure the /var/log directory be group-owned by root.DISA Amazon Linux 2023 STIG v1r2Unix

SYSTEM AND INFORMATION INTEGRITY

AZLX-23-002330 - Amazon Linux 2023 must ensure the /var/log/messages file have mode "0640" or less permissive.DISA Amazon Linux 2023 STIG v1r2Unix

SYSTEM AND INFORMATION INTEGRITY

AZLX-23-002455 - Amazon Linux 2023 must automatically lock an account when three unsuccessful logon attempts occur.DISA Amazon Linux 2023 STIG v1r2Unix

ACCESS CONTROL

AZLX-23-002460 - Amazon Linux 2023 must automatically lock the root account until the root account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.DISA Amazon Linux 2023 STIG v1r2Unix

ACCESS CONTROL

AZLX-23-002470 - Amazon Linux 2023 must maintain an account lock until the locked account is released by an administrator.DISA Amazon Linux 2023 STIG v1r2Unix

ACCESS CONTROL

AZLX-23-002505 - Amazon Linux 2023 must ensure all world-writable directories be owned by root, sys, bin, or an application user.DISA Amazon Linux 2023 STIG v1r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

GEN002060 - All .rhosts, .shosts, .netrc, or hosts.equiv files must be accessible by only root or the owner - '~/.shosts' - userDISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN002360 - Audio devices must be group-owned by root, sys, bin, or system.DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN003080 - Crontab files must have mode 0600 or less permissive.DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN003140 - Cron and crontab directories must be group-owned by system, sys, bin, or cron.DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN003180 - The cronlog file must have mode 0600 or less permissive.DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN003430 - The 'at' directory must be group-owned by system, bin, sys, or cron.DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN003440 - 'At' jobs must not set the umask to a value less restrictive than 077 - '/var/spool/atjobs/*'DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN003440 - 'At' jobs must not set the umask to a value less restrictive than 077 - '/var/spool/cron/atjobs/*'DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN003720 - The inetd.conf file, xinetd.conf file, and the xinetd.d directory must be owned by root or bin - 'inetd.conf'DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN003730 - The inetd.conf file, xinetd.conf file, and the xinetd.d directory must be group-owned by bin, sys, or system - 'xinetd.d'DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN003920 - The hosts.lpd (or equivalent) file must be owned by root, bin, sys, or lpDISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN003940 - The hosts.lpd (or equivalent) must have mode 0644 or less permissive.DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN004710 - Mail relaying must be restricted.DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN004880 - The ftpusers file must exist.DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN004940 - The ftpusers file must have mode 0640 or less permissive.DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN005390 - The /etc/syslog.conf file must have mode 0640 or less permissive.DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN005400 - The /etc/syslog.conf file must be owned by root.DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN005504 - The SSH daemon must only listen on management network addresses unless authorized for uses other than management.DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN005522 - The SSH public host key files must have mode 0644 or less permissive.DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN005750 - The NFS export configuration file must be group-owned by root, bin, sys, or system.DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN006180 - The /var/private/smbpasswd file must be group-owned by sys or system.DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN006240 - The system must not run an Internet Network News (INN) server.DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN006280 - The /etc/news/hosts.nntp.nolimit (or equivalent) must have mode 0600 or less permissive.DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN006640 - The system must use and update a DoD-approved virus scan program - 'scan.dat'DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN008000 - Certificates used to authenticate to the LDAP server must be provided from DoD-approved external PKI - 'Not Applicable'DISA AIX 5.3 STIG v1r2Unix

IDENTIFICATION AND AUTHENTICATION

GEN008020 - The LDAP TLS connection must require a certificate and this certificate has a valid path to a trusted CA - 'Not Applicable'DISA AIX 5.3 STIG v1r2Unix

IDENTIFICATION AND AUTHENTICATION

GEN008080 - If the system is using LDAP the /etc/ldap.conf file must be owned by rootDISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN008100 - If the system is using LDAP the /etc/ldap.conf file must be group-owned by security, bin, sys, or systemDISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN008140 - The TLS certificate authority file and/or directory (as appropriate) must be owned by rootDISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN009190 - The system must not have the comsat service active.DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN009210 - The system must not have the discard service active.DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT