Item Search

| Name | Audit Name | Plugin | Category |
| --- | --- | --- | --- |
| 1.1 JBoss Enterprise Application Platform should be a vendor supported version | Redhat JBoss EAP 5.x | Unix | CONFIGURATION MANAGEMENT |
| 1.1/1.2 - JBoss Enterprise Application Platform/Ensure Java Runtime Environment in use is a supported version | Redhat JBoss EAP 5.x | Unix | CONFIGURATION MANAGEMENT |
| 1.006-01 - Policy must require that administrative user accounts not be used with applications that access the internet. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 1.23 snmp-adaptor.sar must not be deployed - 'JBOSS_HOME/server/@PROFILE@/deploy/snmp-adaptor.sar' | Redhat JBoss EAP 5.x | Unix | CONFIGURATION MANAGEMENT |
| 3.1 Ensure JMX Console is either secured or removed - 'java:/jaas/jmx-console = true' | Redhat JBoss EAP 5.x | Unix | ACCESS CONTROL |
| 3.1 Ensure JMX Console is either secured or removed - 'java:/jaas/jmx-console = true' | Redhat JBoss EAP 5.x | Unix | ACCESS CONTROL |
| 3.1 Ensure JMX Console is either secured or removed - 'java:/jaas/jmx-console = true' - jmx-console.war | Redhat JBoss EAP 5.x | Unix | CONFIGURATION MANAGEMENT |
| 3.2 Ensure Web Console is either secured or removed - 'java:/jaas/jmx-console = true' | Redhat JBoss EAP 5.x | Unix | CONFIGURATION MANAGEMENT |
| 3.2 Ensure Web Console is either secured or removed - 'JBOSS_HOME/server/@PROFILE@/deploy/admin-console.war' | Redhat JBoss EAP 5.x | Unix | CONFIGURATION MANAGEMENT |
| 3.3 Ensure Admin Console is either secured or removed | Redhat JBoss EAP 5.x | Unix | ACCESS CONTROL |
| 3.3 Ensure Admin Console is either secured or removed - 'java:/jaas/jmx-console = true' | Redhat JBoss EAP 5.x | Unix | ACCESS CONTROL |
| 3.3 Ensure Admin Console is either secured or removed - 'JBOSS_HOME/server/@PROFILE@/deploy/management' | Redhat JBoss EAP 5.x | Unix | CONFIGURATION MANAGEMENT |
| 3.4 The JMXInvokerServlet servlet must be secured against web attacks | Redhat JBoss EAP 5.x | Unix | ACCESS CONTROL |
| 3.4 The JMXInvokerServlet servlet must be secured against web attacks - 'http-method,'POST' = false' | Redhat JBoss EAP 5.x | Unix | ACCESS CONTROL |
| 3.4 The JMXInvokerServlet servlet must be secured against web attacks - 'http-method,GET = false' | Redhat JBoss EAP 5.x | Unix | ACCESS CONTROL |
| 3.5 The JMXInvokerServlet servlet must be configured to prevent unprivileged access using authentication | Redhat JBoss EAP 5.x | Unix | IDENTIFICATION AND AUTHENTICATION |
| 3.5 The JMXInvokerServlet servlet must be configured to prevent unprivileged access using authentication - 'java:/jaas/jmx-console = true' | Redhat JBoss EAP 5.x | Unix | IDENTIFICATION AND AUTHENTICATION |
| 3.6 JMXInvokerServlet configuration - 'org.jboss.jmx.connector.invoker.RolesAuthorization = true' | Redhat JBoss EAP 5.x | Unix | ACCESS CONTROL |
| 3.6 The JMXInvokerServlet servlet must be configured to prevent unprivileged access using authentication | Redhat JBoss EAP 5.x | Unix | ACCESS CONTROL |
| DG0001-ORACLE11 - Vendor supported software is evaluated and patched against newly found vulnerabilities. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0001-ORACLE11 - Vendor supported software is evaluated and patched against newly found vulnerabilities. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0167-ORACLE11 - Sensitive data served by the DBMS should be protected by encryption when transmitted across the network. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0167-ORACLE11 - Sensitive data served by the DBMS should be protected by encryption when transmitted across the network. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DO3630-ORACLE11 - The Oracle Listener should be configured to require administration authentication - 'LSNRCTL Security' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DO3630-ORACLE11 - The Oracle Listener should be configured to require administration authentication - 'LSNRCTL Security' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| NET0230 - Network element is not password protected. | DISA STIG Cisco L2 Switch V8R27 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| NET0240 - Devices exist with standard default passwords. | DISA STIG Cisco L2 Switch V8R27 | Cisco | |
| NET0460 - Group accounts are defined. | DISA STIG Cisco L2 Switch V8R27 | Cisco | |
| NET1623 - Authentication required for console access - 'AUX port no exec' | DISA STIG Cisco L2 Switch V8R27 | Cisco | CONFIGURATION MANAGEMENT |
| NET1665 - Using default SNMP community names - 'Community set to Public or Private' | DISA STIG Cisco L2 Switch V8R27 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| WA000-WWA054 A22 - Server side includes (SSIs) must run with execution capability disabled - None | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WA000-WWA054 A22 - Server side includes (SSIs) must run with execution capability disabled - None | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | |
| WA000-WWA054 A22 - Server side includes (SSIs) must run with execution capability disabled - Options None | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WA155 W22 - Classified web servers will be afforded physical security commensurate with the classification of its content. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | |
| WG190 A22 - Web server software must be a vendor-supported version. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WG230 A22 - Web server administration must be performed over a secure path or at the local console. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG235 A22 - Web Administrators must only use encrypted connections for Document Root directory uploads. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | |
| WG235 IIS6 - Web Administrators must secure encrypted connections for Document Root directory uploads. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | |
| WG235 W22 - Web Administrators must only use encrypted connections for Document Root directory uploads. | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | |
| WG290 A22 - Web client access to the content directories must be restricted to read and execute - alias | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | |
| WG290 A22 - Web client access to the content directories must be restricted to read and execute - alias | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG290 A22 - Web client access to the content directories must be restricted to read and execute - script alias | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | |
| WG290 A22 - Web client access to the content directories must be restricted to read and execute - script alias | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG290 A22 - Web client access to the content directories must be restricted to read and execute - script alias match | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | |
| WG290 A22 - Web client access to the content directories must be restricted to read and execute - script alias match | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG360 A22 - Symbolic links must not be used in the web content directory tree - conf | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG360 A22 - Symbolic links must not be used in the web content directory tree - find | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG360 A22 - Symbolic links must not be used in the web content directory tree - find | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG385 A22 - All web server documentation, sample code, example applications, and tutorials must be removed from a production web server. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG385 W22 - All web server documentation, sample code, example applications, and tutorials must be removed from a production web server. - 'test-cgi' | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |