Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.1 Disable Local-only Graphical Login EnvironmentCIS Solaris 11.1 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.4 Disable NIS Server Services - serverCIS Solaris 11.1 L1 v1.0.0Unix
2.8 Disable Removable Volume Manager - rmvolmgrCIS Solaris 11.1 L1 v1.0.0Unix
2.10 Disable Apache ServiceCIS Solaris 11.1 L1 v1.0.0Unix
2.11 Configure TCP Wrappers - inetadm tcp_wrapers = trueCIS Solaris 11.1 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.11 Configure TCP Wrappers - svcprop tcp_wrappers falseCIS Solaris 11.1 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.12 Disable Telnet ServiceCIS Solaris 11.1 L1 v1.0.0Unix
3.1 Restrict Core Dumps to Protected Directory - global core file patternCIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

3.1 Restrict Core Dumps to Protected Directory - per-process core dumps = disabledCIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

3.1 Restrict Core Dumps to Protected Directory - per-process setid core dumps = disabledCIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

3.5 Disable Directed Broadcast Packet Forwarding - current ip = 0CIS Solaris 11.1 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5 Disable Network Routing - Make sure that ipv6-routing is disabledCIS Solaris 10 L1 v5.2Unix
3.6 Disable Response to ICMP Timestamp Requests - persistent ip = 0CIS Solaris 11.1 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.10 Disable Response to Multicast Echo Request - persistent ipv6 = 0CIS Solaris 11.1 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.12 Set Strict Multihoming - current ipv4 = 0CIS Solaris 11.1 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.17 Disable Network Routing - ipv6-routing persistent = disabledCIS Solaris 11.1 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

5.1 Ensure login via 'local' UNIX Domain Socket is configured correctlyCIS PostgreSQL 9.6 OS v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.1 Set Sticky Bit on World Writable DirectoriesCIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

6.1.5 Set SSH MaxAuthTriesLog to 0 - Check if MaxAuthTriesLog is set to 0 and not commented for the server.CIS Solaris 10 L1 v5.2Unix

AUDIT AND ACCOUNTABILITY

6.1.9 Disable SSH root Login - Check if PermitRootLogin is set to no and not commented for the server.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

6.1.11 Set SSH Banner - Check if Banner is not commented and set to /etc/issue for the serverCIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

6.2 Disable login: Prompts on Serial Ports - Check if x is added to the flag field for ttyaCIS Solaris 10 L1 v5.2Unix

CONFIGURATION MANAGEMENT

6.2 Disable login: Prompts on Serial Ports - Check if x is added to the flag field for ttybCIS Solaris 10 L1 v5.2Unix

CONFIGURATION MANAGEMENT

6.4 Limit Consecutive Login Attempts for SSH - MaxAuthTries = 6CIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

6.5 Restrict FTP Use - Audit the list of users in /etc/ftpd/ftpusers.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - openssl versionCIS PostgreSQL 9.6 OS v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

6.7 Set Default Screen Lock for CDE Users - Check if 'dtsession*saverTimeout' is set to 10.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

6.9 Restrict at/cron To Authorized Users - should pass if 'root' exists in /etc/cron.d/cron.allow.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

6.9 Restrict at/cron To Authorized Users - should pass if /etc/cron.d/at.allow does not contain any scheduled jobs.CIS Solaris 10 L1 v5.2Unix
6.10 Set Delay between Failed Login Attempts to 4 - SLEEPTIME = 4CIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

6.13 Restrict at/cron to Authorized Users - /etc/cron.d/cron.allow permsCIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

6.13 Restrict at/cron to Authorized Users - /etc/cron.d/cron.denyCIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

6.17 Secure the GRUB Menu (Intel) - grub.cfg passwordCIS Solaris 11.1 L1 v1.0.0Unix

SYSTEM AND INFORMATION INTEGRITY

6.17 Secure the GRUB Menu (Intel) - grub.d/01_passwordCIS Solaris 11.1 L1 v1.0.0Unix

SYSTEM AND INFORMATION INTEGRITY

7.1 Disable System Accounts - Ensure account 'daemon' is locked.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.1 Disable System Accounts - Ensure account 'listen' is locked.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.1 Disable System Accounts - Ensure account 'nobody4' is locked.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.1 Disable System Accounts - Ensure account 'webservd' is locked.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.1 Disable System Accounts - should pass if the default shell for 'listen' is set to /usr/bin/false.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

7.10 Ensure Password Encryption Uses SHA algorithms 'CRYPT_ALGORITHMS_ALLOW'CIS Solaris 10 L1 v5.2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

7.10 Ensure Password Encryption Uses SHA algorithms 'CRYPT_DEFAULT'CIS Solaris 10 L1 v5.2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

8.3 Create Warning Banner for GNOME Users - CDE package was not foundCIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

9.2 Verify System File Permissions - /etc/passwd File Permissions.CIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

9.4 Verify No Legacy '+' Entries Exist in passwd, shadow, and group Files - Check for passwdCIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

9.9 Check Permissions on User .netrc Files. Please audit the results of this check and take action in accordance with corporate policy.CIS Solaris 10 L1 v5.2Unix

CONFIGURATION MANAGEMENT

9.11 Check Groups in /etc/passwdCIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

9.17 Check That Reserved UIDs Are Assigned to System AccountsCIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

9.18 Check for Duplicate User NamesCIS Solaris 10 L1 v5.2Unix

IDENTIFICATION AND AUTHENTICATION

9.23 Find SUID/SGID System ExecutablesCIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

10.5 Create symlinks for dangerous files - /.shostsCIS Solaris 10 L2 v5.2Unix