Detections
Analytics

Item Search

NameAudit NamePluginCategory
DTBI425 - Java permissions must be disallowed (Local Machine zone).DISA STIG Microsoft Internet Explorer 9 v1r15Windows

CONFIGURATION MANAGEMENT

DTBI430 - Java permissions must be disallowed (Locked Down Local Machine zone).DISA STIG Microsoft Internet Explorer 9 v1r15Windows

CONFIGURATION MANAGEMENT

DTBI450 - Java permissions must be disallowed (Locked Down Restricted Sites zone).DISA STIG Microsoft Internet Explorer 9 v1r15Windows

CONFIGURATION MANAGEMENT

DTBI755 - Browser Geolocation functionality must be disallowed.DISA STIG Microsoft Internet Explorer 9 v1r15Windows

CONFIGURATION MANAGEMENT

DTBI760 - Browser must retain history on exit.DISA STIG Microsoft Internet Explorer 9 v1r15Windows

ACCESS CONTROL

DTBI840 - Cross-Site Scripting (XSS) Filter must be enforced (Internet zone).DISA STIG Microsoft Internet Explorer 9 v1r15Windows

CONFIGURATION MANAGEMENT

DTBI860 - When uploading files to a server, the local directory path must be excluded (Restricted Sites zone).DISA STIG Microsoft Internet Explorer 9 v1r15Windows

CONFIGURATION MANAGEMENT

DTBI890 - Cross-Site Scripting (XSS) Filter property must be enforced (Restricted Site zone).DISA STIG Microsoft Internet Explorer 9 v1r15Windows

CONFIGURATION MANAGEMENT

DTBI910 - Status bar updates via script must be disallowed (Internet zone).DISA STIG Microsoft Internet Explorer 9 v1r15Windows

CONFIGURATION MANAGEMENT

DTBI950 - Status bar updates via script must be disallowed (Restricted Site zone).DISA STIG Microsoft Internet Explorer 9 v1r15Windows

CONFIGURATION MANAGEMENT

WA00500 W22 - Active software modules must be minimized.DISA STIG Apache Server 2.2 Windows v1r13Windows

CONFIGURATION MANAGEMENT

WA00515 W22 - Automatic directory indexing must be disabled.DISA STIG Apache Server 2.2 Windows v1r13Windows

CONFIGURATION MANAGEMENT

WA00520 W22 - The web server must not be configured as a proxy server.DISA STIG Apache Server 2.2 Windows v1r13Windows

CONFIGURATION MANAGEMENT

WA00525 W22 - User specific directories must not be globally enabled.DISA STIG Apache Server 2.2 Windows v1r13Windows

CONFIGURATION MANAGEMENT

WA00540 W22 - The web server must be configured to explicitly deny access to the OS root.DISA STIG Apache Server 2.2 Windows v1r13Windows

CONFIGURATION MANAGEMENT

WA00545 W22 - Web server options for the OS root must be disabled.DISA STIG Apache Server 2.2 Windows v1r13Windows

CONFIGURATION MANAGEMENT

WA00547 W22 - The ability to override the access configuration for the OS root directory must be disabled.DISA STIG Apache Server 2.2 Windows v1r13Windows

CONFIGURATION MANAGEMENT

WA00550 W22 - The TRACE method must be disabled.DISA STIG Apache Server 2.2 Windows v1r13Windows

CONFIGURATION MANAGEMENT

WA00555 W22 - The web server must be configured to listen on a specific IP address and port. - '[::ffff:0.0.0.0]:80'DISA STIG Apache Server 2.2 Windows v1r13Windows

CONFIGURATION MANAGEMENT

WA00555 W22 - The web server must be configured to listen on a specific IP address and port. - '0.0.0.0:80'DISA STIG Apache Server 2.2 Windows v1r13Windows

CONFIGURATION MANAGEMENT

WA00555 W22 - The web server must be configured to listen on a specific IP address and port. - 'Listen directive exists'DISA STIG Apache Server 2.2 Windows v1r13Windows

CONFIGURATION MANAGEMENT

WG145 W22 - The private web server must use an approved DoD certificate validation process. - 'SSLCARevocationFile'DISA STIG Apache Server 2.2 Windows v1r13Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WG170 IIS6 - Each readable web document directory must contain a default, home, index or equivalent file. - 'EnableDefaultDoc set to True'DISA STIG IIS 6.0 Site Checklist v6r16Windows

CONFIGURATION MANAGEMENT

WG205 IIS6 - The web document (home) directory must be on a separate partition from the web servers system files.DISA STIG IIS 6.0 Site Checklist v6r16Windows

CONFIGURATION MANAGEMENT

WG220 W22 - Web administration tools must be restricted to the web manager and the web manager's designees.DISA STIG Apache Server 2.2 Windows v1r13Windows

CONFIGURATION MANAGEMENT

WG237 W22 - Remote authors or content providers must have all files scanned for malware before uploading files to the Document Root directory.DISA STIG Apache Server 2.2 Windows v1r13Windows

SYSTEM AND INFORMATION INTEGRITY

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\AdminScripts'DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\ftproot'DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\ftproot\ftpfiles'DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\wwwroot'DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\wwwroot\docs'DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\wwwroot\scripts'DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\system32\inetsrv'DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WG300 W22 - Web server system files must conform to minimum file permission requirements. - 'ServerRoot'DISA STIG Apache Server 2.2 Windows v1r13Windows

CONFIGURATION MANAGEMENT

WG310 IIS6 - A web site must not contain a robots.txt file.DISA STIG IIS 6.0 Site Checklist v6r16Windows

CONFIGURATION MANAGEMENT

WG330 W22 - A public web server must limit e-mail to outbound only.DISA STIG Apache Server 2.2 Windows v1r13Windows

CONFIGURATION MANAGEMENT

WG340 IIS6 - A private web server must utilize an approved TLS version. - 'SSL 3.0\Server'DISA STIG IIS 6.0 Site Checklist v6r16Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WG340 IIS6 - A private web server must utilize an approved TLS version. - 'TLS 1.0\Client'DISA STIG IIS 6.0 Site Checklist v6r16Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WG340 IIS6 - A private web server must utilize an approved TLS version. - 'TLS 1.0\Server'DISA STIG IIS 6.0 Site Checklist v6r16Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'PCT 1.0 Server'DISA STIG IIS 6.0 Site Checklist v6r16Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'SSL 2.0 Client'DISA STIG IIS 6.0 Site Checklist v6r16Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'SSL 2.0 Server'DISA STIG IIS 6.0 Site Checklist v6r16Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'SSL 3.0 Client'DISA STIG IIS 6.0 Site Checklist v6r16Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'TLS 1.0 Client'DISA STIG IIS 6.0 Site Checklist v6r16Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'TLS 1.0 Server'DISA STIG IIS 6.0 Site Checklist v6r16Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WG410 IIS6 - Interactive scripts must have proper access controls. - 'Enable Parent Paths set to False'DISA STIG IIS 6.0 Site Checklist v6r16Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WG410 IIS6 - Interactive scripts must have proper access controls. - 'Virtual Directories - ASP Default Language set to VBScript'DISA STIG IIS 6.0 Site Checklist v6r16Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WG410 IIS6 - Interactive scripts must have proper access controls. - 'Virtual Directories - Enable Parent Paths set to False'DISA STIG IIS 6.0 Site Checklist v6r16Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WG440 W22 - Monitoring software must include CGI or equivalent programs in its scope.DISA STIG Apache Server 2.2 Windows v1r13Windows

SYSTEM AND INFORMATION INTEGRITY

WG460 IIS6 - PERL scripts must use the TAINT option.DISA STIG IIS 6.0 Site Checklist v6r16Windows

SYSTEM AND INFORMATION INTEGRITY