Detections
Analytics

Item Search

NameAudit NamePluginCategory
UBTU-24-100020 - Ubuntu 24.04 LTS must not have the "ntp" package installed.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

CONFIGURATION MANAGEMENT

UBTU-24-100110 - Ubuntu 24.04 LTS must configure AIDE to perform file integrity checking on the file system if installed.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

SYSTEM AND INFORMATION INTEGRITY

UBTU-24-100200 - Ubuntu 24.04 LTS must be configured to preserve log records from failure events.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-24-100500 - Ubuntu 24.04 LTS must have AppArmor installed.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

UBTU-24-100650 - Ubuntu 24.04 LTS must have the "SSSD" package installed.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-24-100910 - Ubuntu 24.04 LTS must accept Personal Identity Verification (PIV) credentials managed through the Privileged Access Management (PAM) framework.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-24-200020 - Ubuntu 24.04 LTS must initiate a graphical session lock after 10 minutes of inactivity.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

ACCESS CONTROL

UBTU-24-200250 - Ubuntu 24.04 LTS must automatically remove or disable emergency accounts after 72 hours.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

ACCESS CONTROL

UBTU-24-200280 - Ubuntu 24.04 LTS must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

UBTU-24-200680 - Ubuntu 24.04 LTS must be configured to enforce the acknowledgement of the Standard Mandatory DOD Notice and Consent Banner for all SSH connections.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

ACCESS CONTROL

UBTU-24-300006 - Ubuntu 24.04 LTS library files must have mode 0755 or less permissive.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

CONFIGURATION MANAGEMENT

UBTU-24-300007 - Ubuntu 24.04 LTS library files must be owned by root.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

CONFIGURATION MANAGEMENT

UBTU-24-300010 - Ubuntu 24.04 LTS library directories must be group-owned by root.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

CONFIGURATION MANAGEMENT

UBTU-24-300019 - Ubuntu 24.04 LTS must restrict privilege elevation to authorized personnel.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-24-300020 - Ubuntu 24.04 LTS must require users to provide a password for privilege escalation.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

CONFIGURATION MANAGEMENT

UBTU-24-400000 - Ubuntu 24.04 LTS must uniquely identify interactive users.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-24-400030 - Ubuntu 24.04 LTS must implement smart card logins for multifactor authentication for local and network access to privileged and nonprivileged accounts over SSH.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-24-400060 - Ubuntu 24.04 LTS must electronically verify Personal Identity Verification (PIV) credentials.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-24-400110 - Ubuntu 24.04 LTS must prevent direct login to the root account.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-24-400290 - Ubuntu 24.04 LTS must require the change of at least eight characters when passwords are changed.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-24-400300 - Ubuntu 24.04 LTS must enforce 24 hours/1 day as the minimum password lifetime. Passwords for new users must have a 24 hours/1 day minimum password lifetime restriction.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-24-400320 - Ubuntu 24.04 LTS must enforce a minimum 15-character password length.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-24-400375 - Ubuntu 24.04 LTS, for PKI-based authentication, Privileged Access Management (PAM) must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-24-500050 - Ubuntu 24.04 LTS must use strong authenticators in establishing nonlocal maintenance and diagnostic sessions.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

MAINTENANCE

UBTU-24-600010 - Ubuntu 24.04 LTS must immediately terminate all network connections associated with SSH traffic at the end of the session or after 10 minutes of inactivity.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-24-600160 - Ubuntu 24.04 LTS must compare internal information system clocks at least every 24 hours with an authoritative time server.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

UBTU-24-700010 - Ubuntu 24.04 LTS must generate error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

SYSTEM AND INFORMATION INTEGRITY

UBTU-24-700080 - Ubuntu 24.04 LTS must configure the directories used by the system journal to be owned by "root".DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

SYSTEM AND INFORMATION INTEGRITY

UBTU-24-700320 - Ubuntu 24.04 LTS must be configured so that Advance Package Tool (APT) removes all software components after updated versions have been installed.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

SYSTEM AND INFORMATION INTEGRITY

UBTU-24-900110 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the ssh-agent command.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

UBTU-24-900150 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the chmod, fchmod, and fchmodat system calls.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

UBTU-24-900160 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate system calls.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

UBTU-24-900190 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the chsh command.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

UBTU-24-900220 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the apparmor_parser command.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

UBTU-24-900250 - Ubuntu 24.04 LTS must generate audit records for the use and modification of faillog file.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

UBTU-24-900280 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the unix_update command.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

UBTU-24-900290 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the gpasswd command.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

UBTU-24-900300 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the chage command.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

UBTU-24-900740 - Ubuntu 24.04 LTS must generate audit records when successful/unsuccessful attempts to use the kmod command.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

UBTU-24-900960 - Ubuntu 24.04 LTS must immediately notify the system administrator (SA) and information system security officer (ISSO) (at a minimum) when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

UBTU-24-901240 - Ubuntu 24.04 LTS must configure audit tools to be owned by root.DISA Canonical Ubuntu 24.04 LTS STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

VCTR-67-000005 - The vCenter Server users must have the correct roles assigned.DISA STIG VMware vSphere 6.7 vCenter v1r4VMware

SYSTEM AND COMMUNICATIONS PROTECTION

VCTR-67-000007 - The vCenter Server must manage excess capacity, bandwidth, or other redundancy to limit the effects of information-flooding types of denial-of-service (DoS) attacks by enabling Network I/O Control (NIOC).DISA STIG VMware vSphere 6.7 vCenter v1r4VMware

CONFIGURATION MANAGEMENT

VCTR-67-000010 - The vCenter Server must limit the use of the built-in SSO administrative account.DISA STIG VMware vSphere 6.7 vCenter v1r4VMware

IDENTIFICATION AND AUTHENTICATION

VCTR-67-000042 - The vCenter Server passwords must contain at least one numeric character.DISA STIG VMware vSphere 6.7 vCenter v1r4VMware

IDENTIFICATION AND AUTHENTICATION

VCTR-67-000060 - The vCenter Server must enable revocation checking for certificate-based authentication.DISA STIG VMware vSphere 6.7 vCenter v1r4VMware

CONFIGURATION MANAGEMENT

VCTR-67-000062 - The vCenter Server must enable the login banner for vSphere Client.DISA STIG VMware vSphere 6.7 vCenter v1r4VMware

CONFIGURATION MANAGEMENT

VCTR-67-000065 - The vCenter Server must have Mutual CHAP configured for vSAN iSCSI targets.DISA STIG VMware vSphere 6.7 vCenter v1r4VMware

CONFIGURATION MANAGEMENT

VCTR-67-000077 - The vCenter Server must enable TLS 1.2 exclusively.DISA STIG VMware vSphere 6.7 vCenter v1r4VMware

CONFIGURATION MANAGEMENT

WG400 A22 - All interactive programs (CGI) must be placed in a designated directory with appropriate permissions.DISA STIG Apache Site 2.2 Unix v1r11 MiddlewareUnix

ACCESS CONTROL