| 2.1.6 Ensure rsh server is not enabled - rexec | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.1.6 Ensure rsh server is not enabled - rexec | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.1.6 Ensure rsh server is not enabled - rlogin | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.1.6 Ensure rsh server is not enabled - rlogin | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.1.6 Ensure rsh server is not enabled - rlogin | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.1.6 Ensure rsh server is not enabled - rsh | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.1.6 Ensure rsh server is not enabled - rsh | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.1.8 Ensure telnet server is not enabled | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 3.4 Ensure interface description is set | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT |
| 5.3.21 Ensure SSH AllowTcpForwarding is disabled - sshd | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.3.21 Ensure SSH AllowTcpForwarding is disabled - sshd | CIS CentOS 6 Server L2 v3.0.0 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.3.21 Ensure SSH AllowTcpForwarding is disabled - sshd | CIS Oracle Linux 6 Server L2 v2.0.0 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.3.21 Ensure SSH AllowTcpForwarding is disabled - sshd | CIS Oracle Linux 6 Workstation L2 v2.0.0 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.3.21 Ensure SSH AllowTcpForwarding is disabled - sshd | CIS Red Hat 6 Server L2 v3.0.0 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.3.21 Ensure SSH AllowTcpForwarding is disabled - sshd_config | CIS Red Hat 6 Server L2 v3.0.0 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.3.21 Ensure SSH AllowTcpForwarding is disabled - sshd_config | CIS CentOS 6 Server L2 v3.0.0 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.3.21 Ensure SSH AllowTcpForwarding is disabled - sshd_config | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.3.21 Ensure SSH AllowTcpForwarding is disabled - sshd_config | CIS Red Hat 6 Workstation L2 v3.0.0 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.3.21 Ensure SSH AllowTcpForwarding is disabled - sshd_config | CIS Oracle Linux 6 Server L2 v2.0.0 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.3.21 Ensure SSH AllowTcpForwarding is disabled - sshd_config | CIS Oracle Linux 6 Workstation L2 v2.0.0 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 18.4.2 Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' is set to 'Enabled: Highest protection, source routing is completely disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT, RISK ASSESSMENT |
| 18.4.3 Ensure 'MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)' is set to 'Enabled: Highest protection, source routing is completely disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT, RISK ASSESSMENT |
| 18.4.5 Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT, RISK ASSESSMENT |
| 18.4.7 Ensure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT, RISK ASSESSMENT |
| 18.5.4.1 Ensure 'Turn off multicast name resolution' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT, RISK ASSESSMENT |
| WA00505 A22 - Web Distributed Authoring and Versioning (WebDAV) must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WA00505 A22 - Web Distributed Authoring and Versioning (WebDAV) must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WA00510 A22 - Web server status module must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WA00510 A22 - Web server status module must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WA00515 A22 - Automatic directory indexing must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WA00520 A22 - The web server must not be configured as a proxy server. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WA00545 A22 - Web server options for the OS root must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WA00545 A22 - Web server options for the OS root must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WA00550 A22 - The TRACE method must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WA00550 A22 - The TRACE method must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG130 A22 - All utility programs, not necessary for operations, must be removed or disabled. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG310 A22 - A web site must not contain a robots.txt file - alias | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG310 A22 - A web site must not contain a robots.txt file - document root | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG310 W22 - A web site must not contain a robots.txt file. - 'Alias' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG310 W22 - A web site must not contain a robots.txt file. - 'DocumentRoot' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG370 A22 - MIME types for csh or sh shell programs must be disabled - Action | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG370 A22 - MIME types for csh or sh shell programs must be disabled - AddHandler | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG385 A22 - All web server documentation, sample code, example applications, and tutorials must be removed from a production web server. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG385 IIS6 - All web server documentation, sample code, example applications, and tutorials must be removed. - 'Inetpub\AdminScripts' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG385 W22 - All web server documentation, sample code, example applications, and tutorials must be removed from a production web server. - 'extra' | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG385 W22 - All web server documentation, sample code, example applications, and tutorials must be removed from a production web server. - 'printenv' | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG385 W22 - All web server documentation, sample code, example applications, and tutorials must be removed from a production web server. - 'test-cgi' | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG490 W22 - Java software on production web servers must be limited to class files and the JAVA virtual machine. - 'Alias - *.jpp' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG490 W22 - Java software on production web servers must be limited to class files and the JAVA virtual machine. - 'ScriptAlias - *.java' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG490 W22 - Java software on production web servers must be limited to class files and the JAVA virtual machine. - 'ScriptAlias - *.jpp' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
