Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.5.2.3 Set 'Windows Firewall: Private: Apply local firewall rules' to 'Yes (default)'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.1.5.2.8 Set 'Windows Firewall: Private: Logging: Name' to '%SYSTEMROOT%\System32\logfiles\firewall\privatefw.log'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.1.9.1 (L1) Ensure 'Lock Encrypted Media Extensions' is set to 'Enabled'CIS Mozilla Firefox ESR GPO v1.0.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

2.3 Ensure 'Protect RE' Firewall filter includes Rate-Limiting for Management Services termsCIS Juniper OS Benchmark v2.1.0 L2Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure TCP Wrappers is installedCIS Aliyun Linux 2 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.3 Ensure /etc/hosts.deny is configuredCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.1 Ensure a Firewall package is installedCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2 Ensure /etc/hosts.allow is configuredCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2 Ensure /etc/hosts.allow is configuredCIS Oracle Linux 6 Server L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3 Ensure /etc/hosts.deny is configuredCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3 Ensure /etc/hosts.deny is configuredCIS CentOS 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.2.2 Ensure loopback traffic is configuredCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.2.3 Ensure outbound and established connections are configuredCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.1 Ensure IPv6 default deny firewall policy - Chain OUTPUTCIS Distribution Independent Linux Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.2 Ensure IPv6 loopback traffic is configured - INPUTCIS Distribution Independent Linux Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.2 Ensure IPv6 loopback traffic is configured - OUTPUTCIS Distribution Independent Linux Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.3 Ensure IPv6 outbound and established connections are configuredCIS Distribution Independent Linux Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.2 Ensure loopback traffic is configured - INPUTCIS Distribution Independent Linux Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3 Ensure iptables is installedCIS Distribution Independent Linux Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3 Ensure iptables is installedCIS Aliyun Linux 2 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.3.3 Ensure ip6tables outbound and established connections are configuredCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.4.1.1 Ensure default deny firewall policy - 'Chain INPUT'CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.4.1.2 Ensure loopback traffic is configuredCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.4.1.3 Ensure outbound and established connections are configuredCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.4.2.4 Ensure IPv6 firewall rules exist for all open portsCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

4.1.3 Ensure permissions on all logfiles are configuredCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

4.1.15 Ensure file deletion events by users are collected - auditctl b64 unlinkCIS Distribution Independent Linux Server L2 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

4.1.15 Ensure file deletion events by users are collected - b32 unlinkCIS Distribution Independent Linux Workstation L2 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

5.6 Ensure routing tables for VPC peering are "least access"CIS Amazon Web Services Foundations v5.0.0 L2amazon_aws

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.7 Ensure the OWASP ModSecurity Core Rule Set Is Installed and Enabled - Active RulesCIS Apache HTTP Server 2.2 L2 v3.6.0 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

8.1 Ensure that RDP access from the Internet is evaluated and restrictedCIS Microsoft Azure Foundations v4.0.0 L1microsoft_azure

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.4.2 Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

18.4.5 Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

18.4.8 Ensure 'MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)' is set to 'Disabled'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure bogus ICMP responses are ignored - /etc/sysctlTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure bogus ICMP responses are ignored - sysctlTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure broadcast ICMP requests are ignored - /etc/sysctlTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure ICMP redirects are not accepted - sysctl ipv4 all acceptTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure iptables is installed - dpkgTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure Reverse Path Filtering is enabled - /etc/sysctl ipv4 all rp_filterTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure secure ICMP redirects are not accepted - sysctl ipv4 all secureTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure secure ICMP redirects are not accepted - sysctl ipv4 default secureTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure source routed packets are not accepted - /etc/sysctl ipv4 default acceptTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)MSCT Windows Server v20H2 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)MSCT Windows Server 1903 MS v1.19.9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)MSCT Windows 10 v20H2 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows Server v2004 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows Server v2004 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows 10 v2004 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows 10 v21H2 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION