Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.4.2 Ensure access to bootloader config is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

1.5.1 Ensure address space layout randomization is enabledCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

SYSTEM AND INFORMATION INTEGRITY

1.5.3 Ensure core dump backtraces are disabledCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

1.6.1 Ensure system wide crypto policy is not set to legacyCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.6.4 Ensure system wide crypto policy disables macs less than 128 bitsCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.6.6 Ensure system wide crypto policy disables chacha20-poly1305 for sshCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.7.2 Ensure local login warning banner is configured properlyCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

1.8.4 Ensure GDM screen locks when the user is idleCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

1.8.5 Ensure GDM screen locks cannot be overriddenCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

1.8.8 Ensure GDM autorun-never is enabledCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

MEDIA PROTECTION

2.1.13 Ensure rsync services are not in useCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.1.15 Ensure telnet server services are not in useCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.1.18 Ensure web server services are not in useCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.2.3 Ensure nis client is not installedCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.4.1.1 Ensure cron daemon is enabled and activeCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.4.1.5 Ensure permissions on /etc/cron.weekly are configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

2.4.2.1 Ensure at is restricted to authorized usersCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

3.3.6 Ensure secure icmp redirects are not acceptedCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

3.3.7 Ensure reverse path filtering is enabledCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

3.3.10 Ensure tcp syn cookies is enabledCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

4.1.1 Ensure nftables is installedCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.1 Ensure firewalld drops unnecessary services and portsCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.4 Ensure nftables loopback traffic is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.1.1 Ensure permissions on /etc/ssh/sshd_config are configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.3 Ensure permissions on SSH public host key files are configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.8 Ensure sshd Banner is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.1.15 Ensure sshd LogLevel is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.20 Ensure sshd PermitRootLogin is disabledCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.3.1.3 Ensure latest version of libpwquality is installedCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

SYSTEM AND INFORMATION INTEGRITY

5.3.3.1.1 Ensure password failed attempts lockout is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.3.28 Ensure SSH IgnoreUserKnownHosts is enabledCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

5.3.36 Ensure no '.shosts' files exist on the system - .shosts files exist on the systemCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

5.4.1.5 Ensure inactive password lock is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION

5.4.1.6 Ensure all users last password change date is in the pastCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION

5.4.10 Ensure certificate status checking for PKI authenticationCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

5.4.12 Ensure accounts lock for a minimum of 15 minutes after three unsuccessful logon attempts within a 15-minute timeframe - password-auth fail_intervalCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

5.4.12 Ensure accounts lock for a minimum of 15 minutes after three unsuccessful logon attempts within a 15-minute timeframe - password-auth unlock_timeCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

5.4.12 Ensure accounts lock for a minimum of 15 minutes after three unsuccessful logon attempts within a 15-minute timeframe - system-auth denyCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

5.4.12 Ensure accounts lock for a minimum of 15 minutes after three unsuccessful logon attempts within a 15-minute timeframe - system-auth even_deny_rootCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

5.4.13 Ensure lockout for unsuccessful root logon attemptsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

5.5.8 Ensure Default user umask is 077CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

6.1.1 Audit system file permissionsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

6.1.16 Ensure all world-writable directories are owned by root, sys, bin, or an application User IdentifierCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

6.2.1.1 Ensure journald service is enabled and activeCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.4 Ensure only one logging system is in useCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.2 Ensure systemd-journal-upload authentication is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.3.4 Ensure rsyslog log file creation mode is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

6.2.9 Ensure root is the only UID 0 accountCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

6.2.18 Ensure there are no unnecessary accountsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

6.2.19 Ensure all local interactive user home directories are group-ownedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT