Detections
Analytics

Item Search

NameAudit NamePluginCategory
BSI_100_2_Redhat_v1.0.audit from BSI-100-2 Red Hat Linux 2005BSI-100-2 Red Hat Linux 2005Unix
BSI-100-2: S 2.33: Division of administrator roles under Unix: Password length >= 12BSI-100-2 Red Hat Linux 2005Unix

IDENTIFICATION AND AUTHENTICATION

BSI-100-2: S 4.13: Careful allocation of identifiers: /etc/group consistencyBSI-100-2 Red Hat Linux 2005Unix

IDENTIFICATION AND AUTHENTICATION

BSI-100-2: S 4.13: Careful allocation of identifiers: /etc/password consistencyBSI-100-2 Red Hat Linux 2005Unix

IDENTIFICATION AND AUTHENTICATION

BSI-100-2: S 4.13: Careful allocation of identifiers: Every GID must be validBSI-100-2 Red Hat Linux 2005Unix

ACCESS CONTROL

BSI-100-2: S 4.13: Careful allocation of identifiers: Every group ID (GID) must be unique - Zero GIDBSI-100-2 Red Hat Linux 2005Unix

IDENTIFICATION AND AUTHENTICATION

BSI-100-2: S 4.13: Careful allocation of identifiers: Every group log-in name must be uniqueBSI-100-2 Red Hat Linux 2005Unix

IDENTIFICATION AND AUTHENTICATION

BSI-100-2: S 4.13: Careful allocation of identifiers: Every log-in name must be uniqueBSI-100-2 Red Hat Linux 2005Unix

IDENTIFICATION AND AUTHENTICATION

BSI-100-2: S 4.13: Careful allocation of identifiers: Every UID must be uniqueBSI-100-2 Red Hat Linux 2005Unix

IDENTIFICATION AND AUTHENTICATION

BSI-100-2: S 4.14: Mandatory password protection under Unix: Passwords should not be stored in the universally readable /etc/passwd fileBSI-100-2 Red Hat Linux 2005Unix

IDENTIFICATION AND AUTHENTICATION

BSI-100-2: S 4.18: Administrative and technical means to control access to the system-monitor and single-user mode: console access passwordBSI-100-2 Red Hat Linux 2005Unix

ACCESS CONTROL

BSI-100-2: S 4.21: Preventing unauthorised acquisition of administrator rights: Block ftp for administrative accesses.BSI-100-2 Red Hat Linux 2005Unix

ACCESS CONTROL

BSI-100-2: S 4.22: Prevention of loss of confidentiality of sensitive data in the Unix system: Finger serviceBSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.22: Prevention of loss of confidentiality of sensitive data in the Unix system: FTP serviceBSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.22: Prevention of loss of confidentiality of sensitive data in the Unix system: SMB serviceBSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.22: Prevention of loss of confidentiality of sensitive data in the Unix system: Telnet serviceBSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.105: Initial measures after a Unix standard installation: /etc/X11/xinit/xinitrc - 'xhost +' should never be usedBSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.105: Initial measures after a Unix standard installation: /usr/X11R6/bin/startx - 'xhost +' should never be used.BSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.105: Initial measures after a Unix standard installation: /usr/X11R6/lib/X11/xdm/Xsession - 'xhost +' should never be used.BSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.105: Initial measures after a Unix standard installation: ~/.Xclients - 'xhost +' should never be used.BSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.105: Initial measures after a Unix standard installation: ~/.Xclients.gnome - 'xhost +' should never be used.BSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.105: Initial measures after a Unix standard installation: ~/.xinitrc - 'xhost +' should never be used.BSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.105: Initial measures after a Unix standard installation: FTP - Remove non-required services from /etc/inetd.confBSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.105: Initial measures after a Unix standard installation: INND - Remove non-required services from /etc/inetd.confBSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.105: Initial measures after a Unix standard installation: Rexecd must be deactivatedBSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.105: Initial measures after a Unix standard installation: Rlogind must be deactivatedBSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.105: Initial measures after a Unix standard installation: RSHD - Remove non-required services from /etc/inetd.confBSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.105: Initial measures after a Unix standard installation: Rshd must be deactivatedBSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.105: Initial measures after a Unix standard installation: SMBD - Remove non-required services from /etc/inetd.confBSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.105: Initial measures after a Unix standard installation: Telnet - Remove non-required services from /etc/inetd.confBSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.105: Initial measures after a Unix standard installation: Telnet should be replaced by SSH.BSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.105: Initial measures after a Unix standard installation: TFTP - Remove non-required services from /etc/inetd.confBSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.105: Initial measures after a Unix standard installation: Tftp should be started with the option -sBSI-100-2 Red Hat Linux 2005Unix

ACCESS CONTROL

BSI-100-2: S 4.105: Initial measures after a Unix standard installation: UGIDD - Remove non-required services from /etc/inetd.confBSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.105: Initial measures after a Unix standard installation: UUCP - Remove non-required services from /etc/inetd.confBSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.105: Initial measures after a Unix standard installation: YPBIND - Remove non-required services from /etc/inetd.confBSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.106: Activation of system logging: /etc/rsyslog.conf - *.err;kern.warning;auth.err;daemon.errBSI-100-2 Red Hat Linux 2005Unix

AUDIT AND ACCOUNTABILITY

BSI-100-2: S 4.106: Activation of system logging: /etc/rsyslog.conf - auth.infoBSI-100-2 Red Hat Linux 2005Unix

AUDIT AND ACCOUNTABILITY

BSI-100-2: S 4.106: Activation of system logging: /etc/rsyslog.conf - lpr.infoBSI-100-2 Red Hat Linux 2005Unix

AUDIT AND ACCOUNTABILITY

BSI-100-2: S 4.106: Activation of system logging: /etc/rsyslog.conf - mail.infoBSI-100-2 Red Hat Linux 2005Unix

AUDIT AND ACCOUNTABILITY

BSI-100-2: S 4.106: Activation of system logging: Only system administrators can change syslog.confBSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.151: Secure installation of Internet PCs: The Linux packet filter function iptables can be used.BSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.151: Secure installation of Internet PCs: Uninstall Apache and any other web server softwareBSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 4.200: Handling of USB storage media: Prevent the device driver for USB storage media from starting upBSI-100-2 Red Hat Linux 2005Unix

SYSTEM AND INFORMATION INTEGRITY

BSI-100-2: S 5.18: Use of the NIS security mechanisms: The file /etc/passwd must not contain the entry +::0:0:::BSI-100-2 Red Hat Linux 2005Unix

IDENTIFICATION AND AUTHENTICATION

BSI-100-2: S 5.18: Use of the NIS security mechanisms: The password file /etc/passwd must not contain the entry +::0:0:::BSI-100-2 Red Hat Linux 2005Unix

IDENTIFICATION AND AUTHENTICATION

BSI-100-2: S 5.19: Use of the sendmail security mechanisms: Privileged users like bin or root should not have a .forward file.BSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 5.35: Use of the security mechanisms of UUCPBSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 5.39: Secure use of protocols and services: FTP should not be used to transmit confidential data over public networksBSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT

BSI-100-2: S 5.39: Secure use of protocols and services: Telnet not to be used on insecure networksBSI-100-2 Red Hat Linux 2005Unix

CONFIGURATION MANAGEMENT