Item Search

Name	Audit Name	Plugin	Category
1.1.1.1 Ensure mounting of cramfs filesystems is disabled - modprobe	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.3 Ensure mounting of jffs2 filesystems is disabled - lsmod	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.4 Ensure mounting of hfs filesystems is disabled - lsmod	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.4 Ensure mounting of hfs filesystems is disabled - lsmod	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.4 Ensure mounting of hfs filesystems is disabled - modprobe	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - lsmod	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - modprobe	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.6 Ensure mounting of squashfs filesystems is disabled - lsmod	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.7 Ensure mounting of udf filesystems is disabled - modprobe	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.8 Ensure mounting of FAT filesystems is limited - lsmod	CIS Distribution Independent Linux Workstation L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.8 Ensure nodev option set on /var/tmp partition	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.13 Ensure separate partition exists for /home	CIS Distribution Independent Linux Workstation L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.16 Ensure nosuid option set on /dev/shm partition	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.18 Ensure nodev option set on removable media partitions	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.19 Ensure nosuid option set on removable media partitions	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.21 Ensure sticky bit is set on all world-writable directories	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.5.1 Ensure core dumps are restricted - limits.conf	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.5.1 Ensure core dumps are restricted - sysctl	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.5.1 Ensure core dumps are restricted - sysctl	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.7.1.2 Ensure local login warning banner is configured properly	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.7.2 Ensure GDM login banner is configured - banner message text	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.5 Ensure events that modify date and time information are collected - '/etc/localtime'	CIS Distribution Independent Linux Workstation L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.5 Ensure events that modify date and time information are collected - 'auditctl adjtimex (64-bit)'	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.5 Ensure events that modify date and time information are collected - 'auditctl clock_settime (64-bit)'	CIS Distribution Independent Linux Workstation L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.5 Ensure events that modify date and time information are collected - 'auditctl clock_settime'	CIS Distribution Independent Linux Workstation L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.5 Ensure events that modify date and time information are collected - 'clock_settime - 64bit'	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.7 Ensure events that modify the system's network environment are collected - /etc/issue.net	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.7 Ensure events that modify the system's network environment are collected - auditctl /etc/issue.net	CIS Distribution Independent Linux Workstation L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.7 Ensure events that modify the system's network environment are collected - auditctl b32 sethostname	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.7 Ensure events that modify the system's network environment are collected - b64 sethostname	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/apparmor.d/	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - /usr/share/selinux/	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /usr/share/selinux/	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.11 Ensure discretionary access control permission modification events are collected - auditctl b32 chmod fchmod	CIS Distribution Independent Linux Workstation L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.11 Ensure discretionary access control permission modification events are collected - auditctl b64 setxattr	CIS Distribution Independent Linux Workstation L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.13 Ensure use of privileged commands is collected	CIS Distribution Independent Linux Workstation L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.18 Ensure kernel module loading and unloading is collected - auditctl modprobe	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.18 Ensure kernel module loading and unloading is collected - init_module	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.2.1.4 Ensure rsyslog default file permissions configured	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.2.1.4 Ensure rsyslog default file permissions configured	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.2.3 Ensure permissions on all logfiles are configured	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.1.2 Ensure permissions on /etc/crontab are configured	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.3 Ensure permissions on SSH public host key files are configured	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.19 Ensure SSH warning banner is configured	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.20 Ensure SSH PAM is enabled	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
6.1.13 Audit SUID executables	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.5 Ensure root is the only UID 0 account	CIS Debian 9 Workstation L1 v1.0.1	Unix	CONFIGURATION MANAGEMENT
6.2.6 Ensure root PATH Integrity	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.11 Ensure no users have .forward files	CIS Debian 9 Workstation L1 v1.0.1	Unix	CONFIGURATION MANAGEMENT
6.2.20 Ensure shadow group is empty	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search