Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.1 Enable Secure Admin Access - 'ssh.access has been configured'TNS NetApp Data ONTAP 7GNetApp

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.5 Review Application Firewall RulesCIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.5 Review Application Firewall RulesCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.8 Protocol Access Controls - 'interface.blocked.mgmt_data_traffic = on'TNS NetApp Data ONTAP 7GNetApp

SYSTEM AND COMMUNICATIONS PROTECTION

2.8 Protocol Access Controls - 'interface.blocked.nfs is not blank'TNS NetApp Data ONTAP 7GNetApp

SYSTEM AND COMMUNICATIONS PROTECTION

2.8 Protocol Access Controls - 'interface.blocked.snapmirror is not blank'TNS NetApp Data ONTAP 7GNetApp

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.1 Ensure IP forwarding is disabled (sysctl exec)CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.1 Ensure IP forwarding is disabled (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.2 Ensure packet redirect sending is disabled - 'sysctl net.ipv4.conf.all.send_redirects'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.2 Ensure packet redirect sending is disabled - 'sysctl net.ipv4.conf.default.send_redirects'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.2 Ensure ICMP redirects are not accepted - 'sysctl net.ipv4.conf.all.accept_redirects'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.3 Ensure secure ICMP redirects are not accepted - 'net.ipv4.conf.all.secure_redirects' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.5 Ensure broadcast ICMP requests are ignored (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.6 Ensure bogus ICMP responses are ignored (sysctl exec)CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.7 Ensure Reverse Path Filtering is enabled - 'net.ipv4.conf.all.rp_filter' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.7 Ensure Reverse Path Filtering is enabled - 'net.ipv4.conf.default.rp_filter' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.7 Ensure Reverse Path Filtering is enabled - 'sysctl net.ipv4.conf.all.rp_filter'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.8 Ensure TCP SYN Cookies is enabled (sysctl exec)CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.all.accept_ra' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.all.accept_ra' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.default.accept_ra' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.2 Ensure IPv6 redirects are not accepted - 'sysctl net.ipv6.conf.all.accept_redirects'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.2 Ensure IPv6 redirects are not accepted - 'sysctl net.ipv6.conf.default.accept_redirects'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.4 Disable Source Packet Forwarding - persistent ipv4 = 0CIS Solaris 11 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5 Disable Directed Broadcast Packet Forwarding - persistent ip = 0CIS Solaris 11 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6 Disable Response to ICMP Timestamp Requests - persistent ip = 0CIS Solaris 11 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2 Ensure default deny firewall policy - 'Chain FORWARD'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2 Ensure default deny firewall policy - 'Chain OUTPUT'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.1 Ensure IPv4 default deny firewall policy - FORWARDCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.1 Ensure IPv4 default deny firewall policy - INPUTCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.1 Ensure IPv4 default deny firewall policy - OUTPUTCIS Oracle Linux 6 Server L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.2 Ensure IPv4 loopback traffic is configured - INPUTCIS Red Hat 6 Server L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.3 Ensure IPv4 outbound and established connections are configuredCIS Red Hat 6 Server L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.1 Ensure IPv6 default deny firewall policy - FORWARDCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.1 Ensure IPv6 default deny firewall policy - OUTPUTCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.1 Ensure IPv6 default deny firewall policy - OUTPUTCIS Red Hat 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.2 Ensure IPv6 loopback traffic is configured - INPUTCIS Red Hat 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.2 Ensure IPv6 loopback traffic is configured - OUTPUTCIS Oracle Linux 6 Server L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.4 Ensure IPv6 firewall rules exist for all open ports - ssCIS Red Hat 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.17 Disable Network Routing - ipv6-forwarding current = disabledCIS Solaris 11 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.17 Disable Network Routing - ipv6-routing current = disabledCIS Solaris 11 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

5.1.1 Ensure allow and deny filters limit access to specific IP addressesCIS NGINX Benchmark v2.1.0 L2 WebserverUnix

SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure application security policies exist when allowing traffic from an untrusted zone to a more trusted zoneCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0Palo_Alto

SYSTEM AND COMMUNICATIONS PROTECTION

7.2.1 Disable Source Routed Packet Acceptance - 'net.ipv4.conf.default.accept_source_route = 0'CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

7.2.2 Disable ICMP Redirect Acceptance - 'net.ipv4.conf.all.accept_redirects = 0'CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

7.2.2 Disable ICMP Redirect Acceptance - 'net.ipv4.conf.default.accept_redirects = 0'CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

7.2.3 Disable Secure ICMP Redirect Acceptance - 'net.ipv4.conf.all.secure_redirects=0'CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

7.3.2 Disable IPv6 Redirect Acceptance - - 'net.ipv6.conf.default.accept_redirects = 0'CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure default deny firewall policy - Chain INPUTTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Restrict allowed IPv6 addresses used by each VM guestTNS Citrix HypervisorUnix

SYSTEM AND COMMUNICATIONS PROTECTION