Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.2 Ensure /tmp is configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.4 Ensure nosuid option set on /tmp partitionCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.8 Ensure nodev option set on /var/tmp partitionCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.10 Ensure noexec option set on /var/tmp partitionCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.2.1 Ensure package manager repositories are configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.2.2 Ensure GPG keys are configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.7.1.3 Ensure remote login warning banner is configured properly - msrvCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.1.2 Ensure ntp is configured - -u ntp:ntpCIS Aliyun Linux 2 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

2.1.3 Ensure Avahi Server is not enabledCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.5 Ensure DHCP Server is not enabledCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.7 Ensure NFS and RPC are not enabled - nfsCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.12 Ensure Samba is not enabledCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.12 Ensure Samba is not enabled - statusCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.13 Ensure HTTP Proxy Server is not enabledCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.15 Ensure mail transfer agent is configured for local-only mode - statusCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.2.1 Ensure NIS Client is not installedCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.2.11 Ensure IMAP and POP3 server is not enabledCIS Distribution Independent Linux Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

2.2.11 Ensure IMAP and POP3 server is not enabledCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

CONFIGURATION MANAGEMENT

3.1.2 Ensure packet redirect sending is disabled - net.ipv4.conf.default.send_redirectsCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.1 Ensure source routed packets are not accepted - sysctl net.ipv4.conf.all.accept_source_routeCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.1 Ensure source routed packets are not accepted - sysctl net.ipv6.conf.default.accept_source_routeCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.1 Ensure source routed packets are not accepted - sysctl.conf sysctl.d net.ipv6.conf.all.accept_source_routeCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.2 Ensure ICMP redirects are not accepted - sysctl net.ipv6.conf.default.accept_redirectsCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.2 Ensure ICMP redirects are not accepted - sysctl.conf sysctl.d net.ipv6.conf.default.accept_redirectsCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.4 Ensure suspicious packets are logged - sysctl net.ipv4.conf.all.log_martiansCIS Aliyun Linux 2 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

3.2.4 Ensure suspicious packets are logged - sysctl net.ipv4.conf.default.log_martiansCIS Aliyun Linux 2 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

3.2.5 Ensure broadcast ICMP requests are ignored - sysctl net.ipv4.icmp_echo_ignore_broadcastsCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.7 Ensure Reverse Path Filtering is enabled - sysctl.conf sysctl.d net.ipv4.conf.all.rp_filterCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.8 Ensure TCP SYN Cookies is enabled - sysctl.conf sysctl.d net.ipv4.tcp_syncookiesCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.2 Ensure /etc/hosts.allow is configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1 Ensure DCCP is disabled - grep modprobe.dCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.5.2.1 Ensure nftables is installedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.1 Ensure nftables is installedCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.1 Ensure nftables is installedCIS Debian Family Workstation L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

4.1.8 Secure Permissions for the Log Mirror Location (MIRRORLOGPATH)CIS IBM DB2 11 v1.2.0 Windows OS Level 1Windows

ACCESS CONTROL, MEDIA PROTECTION

4.1.8 Secure Permissions for the Log Overflow Location (OVERFLOWLOGPATH)CIS IBM DB2 12.1 v1.0.0 Linux OS Level 1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.1.9 Secure Permissions for the Log Overflow Location (OVERFLOWLOGPATH)CIS IBM DB2 11 v1.2.0 Linux OS Level 1Unix

ACCESS CONTROL, MEDIA PROTECTION

6.11 Ensure IMAP and POP server is not enabledCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

AZLX-23-001030 - Amazon Linux 2023 must produce audit records containing information to establish what type of events occurred.DISA Amazon Linux 2023 STIG v1r2Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

AZLX-23-002489 - Amazon Linux 2023 must ensure the password complexity module is enabled in the password-auth file.DISA Amazon Linux 2023 STIG v1r2Unix

IDENTIFICATION AND AUTHENTICATION

AZLX-23-002510 - Amazon Linux 2023 must terminate idle user sessions.DISA Amazon Linux 2023 STIG v1r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - SMTP recipientsMcAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - trojansAlertMcAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

SYSTEM AND INFORMATION INTEGRITY

Ensure telnet client is not installed - dpkgTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

RHEL-09-654110 - RHEL 9 must audit all uses of the newgrp command.DISA Red Hat Enterprise Linux 9 STIG v2r8Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-09-654130 - RHEL 9 must audit all uses of the postqueue command.DISA Red Hat Enterprise Linux 9 STIG v2r8Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-09-654190 - Successful/unsuccessful uses of the poweroff command in RHEL 9 must generate an audit record.DISA Red Hat Enterprise Linux 9 STIG v2r8Unix

AUDIT AND ACCOUNTABILITY

RHEL-09-654195 - Successful/unsuccessful uses of the reboot command in RHEL 9 must generate an audit record.DISA Red Hat Enterprise Linux 9 STIG v2r8Unix

AUDIT AND ACCOUNTABILITY

RHEL-09-654240 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.DISA Red Hat Enterprise Linux 9 STIG v2r8Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-09-654255 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /var/log/lastlog.DISA Red Hat Enterprise Linux 9 STIG v2r8Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE