Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.4 Ensure Service Runlevel Is Registered And Set CorrectlyCIS PostgreSQL 9.6 OS v1.0.0Unix

SYSTEM AND SERVICES ACQUISITION

2.1 Ensure the file permissions mask is correctCIS PostgreSQL 9.6 OS v1.0.0Unix

ACCESS CONTROL

2.2 Ensure the PostgreSQL pg_wheel group membership is correct - /etc/groupCIS PostgreSQL 9.6 OS v1.0.0Unix

ACCESS CONTROL

3.1.5 Ensure the filename pattern for log files is set correctlyCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.5 Ensure the filename pattern for log files is set correctlyCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.6 Ensure the log file permissions are set correctlyCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

3.1.17 Ensure 'debug_pretty_print' is enabledCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.23 Ensure 'log_statement' is set correctlyCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled - pgaudit installedCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled - pgaudit installedCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.5 Disable Network Routing - Make sure that ipv6-routing is disabledCIS Solaris 10 L1 v5.2Unix
4.4 Ensure excessive function privileges are revokedCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

ACCESS CONTROL

4.6 Ensure Row Level Security (RLS) is configured correctlyCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

ACCESS CONTROL

4.6 Ensure the set_user extension is installedCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

5.1 Ensure login via 'local' UNIX Domain Socket is configured correctlyCIS PostgreSQL 9.5 OS v1.1.0Unix

IDENTIFICATION AND AUTHENTICATION

5.1 Ensure login via 'local' UNIX Domain Socket is configured correctlyCIS PostgreSQL 9.6 OS v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

6.1 Ensure 'Attack Vectors' Runtime Parameters are ConfiguredCIS PostgreSQL 9.5 OS v1.1.0Unix
6.1.5 Set SSH MaxAuthTriesLog to 0 - Check if MaxAuthTriesLog is set to 0 and not commented for the server.CIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

6.1.9 Disable SSH root Login - Check if PermitRootLogin is set to no and not commented for the server.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

6.1.11 Set SSH Banner - Check if Banner is not commented and set to /etc/issue for the serverCIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

6.2 Disable login: Prompts on Serial Ports - Check if x is added to the flag field for ttyaCIS Solaris 10 L1 v5.2Unix

CONFIGURATION MANAGEMENT

6.2 Disable login: Prompts on Serial Ports - Check if x is added to the flag field for ttybCIS Solaris 10 L1 v5.2Unix

CONFIGURATION MANAGEMENT

6.4 Ensure 'SIGHUP' Runtime Parameters are ConfiguredCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

SYSTEM AND SERVICES ACQUISITION

6.5 Ensure 'Superuser' Runtime Parameters are ConfiguredCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

6.5 Restrict FTP Use - Audit the list of users in /etc/ftpd/ftpusers.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - fips_enabledCIS PostgreSQL 9.5 OS v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - openssl versionCIS PostgreSQL 9.6 OS v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

6.7 Set Default Screen Lock for CDE Users - Check if 'dtsession*saverTimeout' is set to 10.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

6.9 Ensure the pgcrypto extension is installed and configured correctlyCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

6.9 Restrict at/cron To Authorized Users - should pass if 'root' exists in /etc/cron.d/cron.allow.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

6.9 Restrict at/cron To Authorized Users - should pass if /etc/cron.d/at.allow does not contain any scheduled jobs.CIS Solaris 10 L1 v5.2Unix
7.1 Disable System Accounts - Ensure account 'daemon' is locked.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.1 Disable System Accounts - Ensure account 'listen' is locked.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.1 Disable System Accounts - Ensure account 'nobody4' is locked.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.1 Disable System Accounts - Ensure account 'webservd' is locked.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.1 Disable System Accounts - should pass if the default shell for 'listen' is set to /usr/bin/false.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.1 Ensure SSL Certificates are Configured For Replication - ssl key fileCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

7.3 Ensure base backups are configured and functionalCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

CONTINGENCY PLANNING

7.3 Ensure base backups are configured and functionalCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

CONTINGENCY PLANNING

7.5 Ensure streaming replication parameters are configured correctlyCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

7.10 Ensure Password Encryption Uses SHA algorithms 'CRYPT_ALGORITHMS_ALLOW'CIS Solaris 10 L1 v5.2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

7.10 Ensure Password Encryption Uses SHA algorithms 'CRYPT_DEFAULT'CIS Solaris 10 L1 v5.2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

8.3 Create Warning Banner for GNOME Users - CDE package was not foundCIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

8.4 Ensure miscellaneous configuration settings are correctCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

CONFIGURATION MANAGEMENT

9.2 Verify System File Permissions - /etc/passwd File Permissions.CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

9.4 Verify No Legacy '+' Entries Exist in passwd, shadow, and group Files - Check for passwdCIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

9.11 Check Groups in /etc/passwdCIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

9.17 Check That Reserved UIDs Are Assigned to System AccountsCIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

9.18 Check for Duplicate User NamesCIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

9.23 Find SUID/SGID System ExecutablesCIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL