Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.5.2.1 Set 'Windows Firewall: Private: Firewall state' to 'On (recommended)'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.1.5.3.1 Set 'Windows Firewall: Public: Outbound connections' to 'Allow (default)'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.3 Enable FirewallCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.8 Protocol Access Controls - 'interface.blocked.cifs is not blank'TNS NetApp Data ONTAP 7GNetApp

SYSTEM AND COMMUNICATIONS PROTECTION

2.8 Protocol Access Controls - 'interface.blocked.ftpd has been configured'TNS NetApp Data ONTAP 7GNetApp

SYSTEM AND COMMUNICATIONS PROTECTION

2.8 Protocol Access Controls - 'interface.blocked.ndmp has been configured'TNS NetApp Data ONTAP 7GNetApp

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.1 Ensure IP forwarding is disabled - sysctlCIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.2 Ensure packet redirect sending is disabled - 'net.ipv4.conf.default.send_redirects = 0 /etc/sysctl.conf /etc/sysctl.d/*'CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.2 Ensure packet redirect sending is disabled 'net.ipv4.conf.all.send_redirects = 0 /etc/sysctl.conf /etc/sysctl.d/*'CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.2 Ensure packet redirect sending is disabled 'net.ipv4.conf.default.send_redirects = 0 - sysctl'CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.6 Disable Response to ICMP Netmask Requests - Check ip_respond_to_address_mask_broadcast value. Expected value: 0.CIS Solaris 10 L1 v5.2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.7 Disable ICMPv6 Redirect Messages - Check ip6_send_redirects value. Expected value: 1.CIS Solaris 10 L1 v5.2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.9 Disable Response to Multicast Echo Request - Check ip_respond_to_echo_multicast value. Expected value: 0.CIS Solaris 10 L1 v5.2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.17 Set Maximum Number of Incoming Connections - Check tcp_conn_req_max_q value. Expected value: 1024.CIS Solaris 10 L1 v5.2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2 Data ONTAP (Software) Mgmt - 'httpd.admin.hostsequiv.enable = off'TNS NetApp Data ONTAP 7GNetApp

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.1 Ensure packet redirect sending is disabled - all /etc/sysctl.conf /etc/sysctl.d/*CIS Debian Family Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.1 Ensure packet redirect sending is disabled - default sysctlCIS Debian Family Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.1 Ensure source routed packets are not accepted - 'net.ipv4.conf.all.accept_source_route = 0 - sysctl'CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.2 Ensure IP forwarding is disabled - ipv6 /etc/sysctl.conf /etc/sysctl.d/*CIS Debian Family Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.2 Ensure IP forwarding is disabled - ipv6 /etc/sysctl.conf /etc/sysctl.d/*CIS Debian Family Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.3 Ensure secure ICMP redirects are not accepted - 'net.ipv4.conf.default.secure_redirects = 0 /etc/sysctl.conf /etc/sysctl.d/*'CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.7 Ensure Reverse Path Filtering is enabled - 'net.ipv4.conf.all.rp_filter = 1 /etc/sysctl.conf /etc/sysctl.d/*'CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.all.accept_ra = 0 /etc/sysctl.conf /etc/sysctl.d/*'CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.all.accept_ra = 0 sysctl'CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.default.accept_ra = 0 /etc/sysctl.conf /etc/sysctl.d/*'CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure source routed packets are not accepted - files 'net.ipv6.conf.all.accept_source_route = 0'CIS Debian Family Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.1 Ensure source routed packets are not accepted - net.ipv4.conf.all.accept_source_route = 0CIS Debian Family Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.2 Ensure ICMP redirects are not accepted - 'net.ipv4.conf.default.accept_redirects'CIS Debian Family Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.2 Ensure ICMP redirects are not accepted - files net.ipv6.conf.all.accept_redirects= 0CIS Debian Family Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.2 Ensure ICMP redirects are not accepted - net.ipv4.conf.all.accept_redirectsCIS Debian Family Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.2 Ensure IPv6 redirects are not accepted - 'sysctl net.ipv6.conf.default.accept_redirects = 0'CIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.6 Ensure bogus ICMP responses are ignored - net.ipv4.icmp_ignore_bogus_error_responses = 1CIS Debian Family Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.7 Ensure Reverse Path Filtering is enabled - net.ipv4.conf.all.rp_filter = 1CIS Debian Family Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.8 Ensure TCP SYN Cookies is enabled - net.ipv4.tcp_syncookies = 1CIS Debian Family Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.9 Ensure IPv6 router advertisements are not accepted - net.ipv6.conf.default.accept_ra = 0CIS Debian Family Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.4 Disable Source Packet Forwarding - current ipv6 = 0CIS Solaris 11 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2 Ensure /etc/hosts.allow is configuredCIS Amazon Linux v2.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5 Disable Directed Broadcast Packet Forwarding - current ip = 0CIS Solaris 11 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2 Ensure default deny firewall policy - 'Chain FORWARD'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.8 Disable Response to ICMP Broadcast Netmask Requests - persistent ip = 0CIS Solaris 11 L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

4.1 Disable Bonjour advertising serviceCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

7.2.8 Enable TCP SYN Cookies - '/etc/sysctl.conf net.ipv4.tcp_syncookies = 1'CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

9.1.1 Ensure 'Windows Firewall: Domain: Firewall state' is set to 'On (recommended)'CIS Windows 7 Workstation Level 1 v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.2.1 Ensure 'Windows Firewall: Private: Firewall state' is set to 'On (recommended)'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure default deny firewall policy - Chain OUTPUTTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure loopback traffic is configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure TCP Wrappers is installed - zypperTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Windows Defender Firewall: Protect all network connectionsMSCT Windows 10 1909 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Windows Defender Firewall: Protect all network connectionsMSCT Windows Server v2004 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Windows Defender Firewall: Protect all network connections - Domain ProfileMSCT Windows 10 1809 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION