Item Search

Name	Audit Name	Plugin	Category
3.1.1 Ensure IP forwarding is disabled - ipv6 sysctl.conf sysctl.d	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.1.2 Ensure packet redirect sending is disabled - net.ipv4.conf.all.send_redirects	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.1.2 Ensure packet redirect sending is disabled - net.ipv4.conf.default.send_redirects	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.1 Ensure source routed packets are not accepted - sysctl net.ipv6.conf.default.accept_source_route	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.2 Ensure ICMP redirects are not accepted - sysctl net.ipv6.conf.default.accept_redirects	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.2 Ensure ICMP redirects are not accepted - sysctl.conf sysctl.d net.ipv4.conf.default.accept_redirects	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.2 Ensure ICMP redirects are not accepted - sysctl.conf sysctl.d net.ipv6.conf.all.accept_redirects	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.4 Ensure suspicious packets are logged - sysctl net.ipv4.conf.default.log_martians	CIS Aliyun Linux 2 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
3.2.5 Ensure broadcast ICMP requests are ignored - sysctl.conf sysctl.d net.ipv4.icmp_echo_ignore_broadcasts	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.6 Ensure bogus ICMP responses are ignored - sysctl net.ipv4.icmp_ignore_bogus_error_responses	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.6 Ensure bogus ICMP responses are ignored - sysctl.conf sysctl.d net.ipv4.icmp_ignore_bogus_error_responses	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.7 Ensure Reverse Path Filtering is enabled - sysctl net.ipv4.conf.all.rp_filter	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.8 Ensure TCP SYN Cookies is enabled - sysctl.conf sysctl.d net.ipv4.tcp_syncookies	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.9 Ensure IPv6 router advertisements are not accepted - sysctl net.ipv6.conf.default.accept_ra	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.9 Ensure IPv6 router advertisements are not accepted - sysctl.conf sysctl.d net.ipv6.conf.default.accept_ra	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.1 Ensure TCP Wrappers is installed	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.4.1 Ensure DCCP is disabled - grep modprobe.d	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.4.1 Ensure DCCP is disabled - modprobe	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.4.2 Ensure SCTP is disabled - modprobe	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.4.4 Ensure TIPC is disabled - modprobe	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.5.1.2 Ensure loopback traffic is configured - output	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.2.1 Ensure IPv6 default deny firewall policy - Chain INPUT	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.2.2 Ensure IPv6 loopback traffic is configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.2.3 Ensure IPv6 outbound and established connections are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.3 Ensure iptables is installed	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
4.2.1.2 Ensure logging is configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.3 Ensure rsyslog default file permissions configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.2.2 Ensure rsyslog is installed	CIS Aliyun Linux 2 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
5.1.4 Ensure permissions on /etc/cron.daily are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.1.5 Ensure permissions on /etc/cron.weekly are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.1.6 Ensure permissions on /etc/cron.monthly are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.9 Ensure SSH HostbasedAuthentication is disabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
5.2.12 Ensure SSH PermitUserEnvironment is disabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.17 Ensure only strong ciphers are used	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
5.3.1 Ensure password creation requirements are configured - minlen	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.3.1 Ensure password creation requirements are configured - ocredit	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.3.2 Ensure lockout for failed password attempts is configured - password-auth 'auth sufficient pam_faillock.so'	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.3.2 Ensure lockout for failed password attempts is configured - system-auth 'auth sufficient pam_faillock.so'	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.3.4 Ensure password hashing algorithm is SHA-512 - system-auth	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.4.1.4 Ensure inactive password lock is 30 days or less - useradd	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.4.3 Ensure default group for the root account is GID 0	CIS Aliyun Linux 2 L1 v1.0.0	Unix	ACCESS CONTROL
6.1.4 Ensure permissions on /etc/group are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
6.1.8 Ensure permissions on /etc/group- are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
6.2.3 Ensure no legacy "+" entries exist in /etc/shadow	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.6 Ensure root PATH Integrity	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.8 Ensure users' home directories permissions are 750 or more restrictive	CIS Aliyun Linux 2 L1 v1.0.0	Unix	ACCESS CONTROL
6.2.10 Ensure users' dot files are not group or world writable	CIS Aliyun Linux 2 L1 v1.0.0	Unix	ACCESS CONTROL
6.2.11 Ensure no users have .forward files	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.16 Ensure no duplicate UIDs exist	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.18 Ensure no duplicate user names exist	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search