Detections
Analytics

Item Search

NameAudit NamePluginCategory
ARST-L2-000160 - The Arista MLS layer 2 switch must have all trunk links enabled statically.DISA STIG Arista MLS EOS 4.2x L2S v2r1Arista

CONFIGURATION MANAGEMENT

SLEM-05-232110 - The sticky bit must be set on all SLEM 5 world-writable directories.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

SYSTEM AND COMMUNICATIONS PROTECTION

SLEM-05-232115 - SLEM 5 must prevent unauthorized users from accessing system error messages.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

SYSTEM AND INFORMATION INTEGRITY

SLEM-05-253015 - SLEM 5 must not forward Internet Protocol version 4 (IPv4) source-routed packets by default.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

CONFIGURATION MANAGEMENT

SLEM-05-253025 - SLEM 5 must not allow interfaces to accept Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect messages by default.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

CONFIGURATION MANAGEMENT

SLEM-05-253035 - SLEM 5 must not allow interfaces to send Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect messages by default.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

CONFIGURATION MANAGEMENT

SLEM-05-255015 - SLEM 5 must use SSH to protect the confidentiality and integrity of transmitted information.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

SYSTEM AND COMMUNICATIONS PROTECTION

SLEM-05-255020 - SLEM 5 must display the Standard Mandatory DOD Notice and Consent Banner before granting access via SSH.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

ACCESS CONTROL

SLEM-05-255040 - SLEM 5 SSH daemon must disable forwarded remote X connections for interactive users, unless to fulfill documented and validated mission requirements.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

CONFIGURATION MANAGEMENT

SLEM-05-255085 - SLEM 5, for PKI-based authentication, must enforce authorized access to the corresponding private key.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

SLEM-05-411045 - SLEM 5 must automatically expire temporary accounts within 72 hours.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

ACCESS CONTROL

SLEM-05-411060 - SLEM 5 must not have unnecessary account capabilities.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

CONFIGURATION MANAGEMENT

SLEM-05-411065 - SLEM 5 root account must be the only account with unrestricted access to the system.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

CONFIGURATION MANAGEMENT

SLEM-05-411075 - SLEM 5 must not have duplicate User IDs (UIDs) for interactive users.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

SLEM-05-431025 - SLEM 5 must prevent nonprivileged users from executing privileged functions, including disabling, circumventing, or altering implemented security safeguards/countermeasures.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

ACCESS CONTROL

SLEM-05-432025 - SLEM 5 must restrict privilege elevation to authorized personnel.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

CONFIGURATION MANAGEMENT

SLEM-05-611015 - SLEM 5 must enforce passwords that contain at least one lowercase character.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

SLEM-05-611065 - SLEM 5 must employ user passwords with a minimum lifetime of 24 hours (one day).DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

SLEM-05-611075 - SLEM 5 must employ a password history file.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

SLEM-05-611085 - SLEM 5 shadow password suite must be configured to use a sufficient number of hashing rounds.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

SLEM-05-612010 - SLEM 5 must have the packages required for multifactor authentication to be installed.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

SLEM-05-631020 - SLEM 5, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

IDENTIFICATION AND AUTHENTICATION

SLEM-05-651035 - SLEM 5 must notify the system administrator (SA) when Advanced Intrusion Detection Environment (AIDE) discovers anomalies in the operation of any security functions.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

SYSTEM AND INFORMATION INTEGRITY

SLEM-05-653035 - SLEM 5 audit system must take appropriate action when the audit storage volume is full.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

SLEM-05-653060 - SLEM 5 audit tools must have the proper permissions applied to protect against unauthorized access.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

SLEM-05-653070 - Audispd must offload audit records onto a different system or media from SLEM 5 being audited.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

SLEM-05-653080 - The information system security officer (ISSO) and system administrator (SA), at a minimum, must be alerted of a SLEM 5 audit processing failure event.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

SLEM-05-654030 - SLEM 5 must generate audit records for all uses of the "chmod" command.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

SLEM-05-654080 - SLEM 5 must generate audit records for all uses of the "rm" command.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

SLEM-05-654095 - SLEM 5 must generate audit records for all uses of the "ssh-agent" command.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

SLEM-05-654125 - SLEM 5 must generate audit records for all uses of the "usermod" command.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

SLEM-05-654145 - SLEM 5 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

SLEM-05-654155 - SLEM 5 must generate audit records for all uses of the "chown", "fchown", "fchownat", and "lchown" system calls.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

SLEM-05-654160 - SLEM 5 must generate audit records for all uses of the "creat", "open", "openat", "open_by_handle_at", "truncate", and "ftruncate" system calls.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

SLEM-05-654185 - SLEM 5 must generate audit records for all uses of the "umount" system call.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

SLEM-05-654200 - SLEM 5 must generate audit records for all modifications to the "lastlog" file.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

SLEM-05-654205 - SLEM 5 must generate audit records for all modifications to the "tallylog" file must generate an audit record.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

SLEM-05-654210 - SLEM 5 must audit all uses of the sudoers file and all files in the "/etc/sudoers.d/" directory.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

SLEM-05-654215 - Successful/unsuccessful uses of "setfiles" in SLEM 5 must generate an audit record.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

SLEM-05-654235 - SLEM 5 must generate audit records for the "/var/log/btmp" file.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

AUDIT AND ACCOUNTABILITY

SLEM-05-671010 - FIPS 140-2/140-3 mode must be enabled on SLEM 5.DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4Unix

SYSTEM AND COMMUNICATIONS PROTECTION

SQLI-22-003600 - SQL Server must limit the number of concurrent sessions to an organization-defined number per user for all accounts and/or account types.DISA Microsoft SQL Server 2022 Instance STIG v1r4 MS_SQLDBMS_SQLDB

ACCESS CONTROL

VMCH-06-000005 - The system must disable virtual disk shrinking.DISA VMware vSphere Virtual Machine Version 6 STIG v1r1VMware

CONFIGURATION MANAGEMENT

VMCH-06-000009 - The unexposed feature keyword isolation.tools.ghi.autologon.disable must be set.DISA VMware vSphere Virtual Machine Version 6 STIG v1r1VMware

ACCESS CONTROL

VMCH-06-000020 - The unexposed feature keyword isolation.tools.unityInterlockOperation.disable must be set.DISA VMware vSphere Virtual Machine Version 6 STIG v1r1VMware

CONFIGURATION MANAGEMENT

VMCH-06-000023 - The unexposed feature keyword isolation.tools.unityActive.disable must be set.DISA VMware vSphere Virtual Machine Version 6 STIG v1r1VMware

CONFIGURATION MANAGEMENT

VMCH-06-000025 - The unexposed feature keyword isolation.tools.vmxDnDVersionGet.disable must be set.DISA VMware vSphere Virtual Machine Version 6 STIG v1r1VMware

CONFIGURATION MANAGEMENT

VMCH-06-000037 - The system must prevent unauthorized removal, connection and modification of devices.DISA VMware vSphere Virtual Machine Version 6 STIG v1r1VMware

ACCESS CONTROL

VMCH-06-000041 - The system must control access to VMs through the dvfilter network APIs.DISA VMware vSphere Virtual Machine Version 6 STIG v1r1VMware

CONFIGURATION MANAGEMENT

VMCH-06-000043 - The system must use templates to deploy VMs whenever possible.DISA VMware vSphere Virtual Machine Version 6 STIG v1r1VMware

CONFIGURATION MANAGEMENT