Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.6.1.5 Ensure the SELinux mode is enforcing - getenforceCIS CentOS 6 Workstation L2 v3.0.0Unix

ACCESS CONTROL

2.2.3 Ensure Avahi Server is not installed - avahiCIS CentOS 6 Workstation L2 v3.0.0Unix

CONFIGURATION MANAGEMENT

2.3.3 Ensure talk client is not installedCIS CentOS 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

3.1.1 Disable IPv6CIS CentOS 6 Workstation L2 v3.0.0Unix

CONFIGURATION MANAGEMENT

3.2.1 Ensure IP forwarding is disabled - 'net.ipv4.ip_forward = 0 /sbin/sysctl'CIS CentOS 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

3.3.3 Ensure secure ICMP redirects are not accepted - 'net.ipv4.conf.all.secure_redirects = 0 /etc/sysctl.conf /etc/sysctl.d/*'CIS CentOS 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.all.log_martians = 1 /etc/sysctl.conf /etc/sysctl.d/*'CIS CentOS 6 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.6 Ensure bogus ICMP responses are ignored - sysctlCIS CentOS 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

3.3.7 Ensure Reverse Path Filtering is enabled - 'net.ipv4.conf.all.rp_filter = 1 /etc/sysctl.conf /etc/sysctl.d/*'CIS CentOS 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

3.3.7 Ensure Reverse Path Filtering is enabled - 'net.ipv4.conf.all.rp_filter = 1 /sbin/sysctl'CIS CentOS 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

3.3.9 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.default.accept_ra = 0 /sbin/sysctl'CIS CentOS 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

3.4.1 Ensure TCP Wrappers is installedCIS CentOS 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.4.5 Ensure permissions on /etc/hosts.deny are configuredCIS CentOS 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

3.5.2 Ensure SCTP is disabledCIS CentOS 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

3.6.2.1 Ensure IPv4 default deny firewall policy - OUTPUTCIS CentOS 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.2 Ensure IPv4 loopback traffic is configured - INPUTCIS CentOS 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.4 Ensure IPv4 firewall rules exist for all open ports - iptablesCIS CentOS 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.1.3 Ensure auditd service is enabledCIS CentOS 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM 32-bitCIS CentOS 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure rsyslog Service is enabledCIS CentOS 6 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.4 Ensure rsyslog default file permissions configuredCIS CentOS 6 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2 Ensure permissions on all logfiles are configuredCIS CentOS 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

5.1.2 Ensure permissions on /etc/crontab are configuredCIS CentOS 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

5.1.7 Ensure permissions on /etc/cron.d are configuredCIS CentOS 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

5.1.8 Ensure cron is restricted to authorized users - /etc/cron.allowCIS CentOS 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

5.2.2 Ensure sudo commands use ptyCIS CentOS 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

5.3.6 Ensure SSH LogLevel is appropriate - sshd_configCIS CentOS 6 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.3.8 Ensure SSH MaxAuthTries is set to 4 or lessCIS CentOS 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

5.3.9 Ensure SSH IgnoreRhosts is enabledCIS CentOS 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

5.3.14 Ensure only strong Ciphers are used - approved ciphersCIS CentOS 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

5.3.15 Ensure only strong MAC algorithms are used - sshdCIS CentOS 6 Workstation L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.16 Ensure only strong Key Exchange algorithms are used - sshd_configCIS CentOS 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

5.3.20 Ensure SSH PAM is enabled - sshdCIS CentOS 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

5.3.23 Ensure SSH MaxSessions is limited - sshd_configCIS CentOS 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

5.4.1 Ensure password creation requirements are configured - password-auth dcreditCIS CentOS 6 Workstation L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1 Ensure password creation requirements are configured - password-auth ucreditCIS CentOS 6 Workstation L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1 Ensure password creation requirements are configured - system-auth lcreditCIS CentOS 6 Workstation L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1 Ensure password creation requirements are configured - system-auth ucreditCIS CentOS 6 Workstation L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.2 Ensure lockout for failed password attempts is configured - password-authCIS CentOS 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

5.4.2 Ensure lockout for failed password attempts is configured - system-authCIS CentOS 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

5.4.3 Ensure password reuse is limited - password-authCIS CentOS 6 Workstation L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.4 Ensure password hashing algorithm is SHA-512 - system-authCIS CentOS 6 Workstation L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.5.5 Ensure default user umask is configured - system wide umaskCIS CentOS 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

6.1.6 Ensure permissions on /etc/shadow are configuredCIS CentOS 6 Workstation L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION

6.2.2 Ensure /etc/shadow password fields are not emptyCIS CentOS 6 Workstation L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION

6.2.6 Ensure root is the only UID 0 accountCIS CentOS 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

6.2.8 Ensure all users' home directories existCIS CentOS 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

6.2.9 Ensure users own their home directoriesCIS CentOS 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

6.2.12 Ensure no users have .forward filesCIS CentOS 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

6.2.14 Ensure no users have .rhosts filesCIS CentOS 6 Workstation L1 v3.0.0Unix

IDENTIFICATION AND AUTHENTICATION