Item Search

NameAudit NamePluginCategory
4.510 - The system must protect against or limit the effects of Denial of Service (DoS) attacks by validating the operating system is implementing rate-limiting measures on impacted network interfaces - sysctlTenable Fedora Linux Best Practices v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

ARST-L2-000100 - The Arista MLS layer 2 switch must have IP Source Guard enabled on all user-facing or untrusted access switch ports.DISA STIG Arista MLS EOS 4.2x L2S v1r1Arista
ARST-RT-000570 - The Arista BGP router must be configured to limit the prefix size on any inbound route advertisement to /24 or the least significant prefixes issued to the customer.DISA STIG Arista MLS EOS 4.2x Router v1r1Arista
Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Big Sur v1.4.0 - 800-53r4 LowUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Big Sur v1.4.0 - 800-53r4 ModerateUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Big Sur v1.4.0 - 800-53r5 ModerateUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Big Sur v1.4.0 - 800-53r5 LowUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Big Sur v1.4.0 - 800-53r4 HighUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Big Sur v1.4.0 - 800-53r5 HighUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Big Sur v1.4.0 - All ProfilesUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Big Sur v1.4.0 - CNSSI 1253Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-FW-000220 - The Cisco ASA must be configured to implement scanning threat detection.DISA STIG Cisco ASA FW v1r1Cisco
CASA-FW-000220 - The Cisco ASA must be configured to implement scanning threat detection.DISA STIG Cisco ASA FW v1r3Cisco
Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Catalina v1.5.0 - 800-53r5 ModerateUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Catalina v1.5.0 - 800-53r4 HighUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Catalina v1.5.0 - 800-53r4 LowUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Catalina v1.5.0 - 800-53r4 ModerateUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Catalina v1.5.0 - 800-53r5 HighUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Catalina v1.5.0 - 800-53r5 LowUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Catalina v1.5.0 - All ProfilesUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Catalina v1.5.0 - CNSSI 1253Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-ND-001220 - The Cisco switch must be configured to protect against known types of denial-of-service (DoS) attacks by employing organization-defined security safeguards - ip access-listDISA STIG Cisco NX-OS Switch NDM v1r1Cisco
CISC-RT-000180 - The Cisco router must be configured to have Internet Control Message Protocol (ICMP) mask reply messages disabled on all external interfaces.DISA STIG Cisco IOS Router RTR v1r4Cisco
FNFG-FW-000110 - The FortiGate firewall must employ filters that prevent or limit the effects of all types of commonly known denial-of-service (DoS) attacks, including flooding, packet sweeps, and unauthorized port scanning.DISA Fortigate Firewall STIG v1r1FortiGate
JUEX-L2-000080 - The Juniper EX switch must be configured to enable Root Protection on all interfaces connecting to access layer switches and hosts.DISA Juniper EX Series Layer 2 Switch v1r2Juniper
JUEX-RT-000600 - The Juniper router must be configured to have Gratuitous ARP disabled on all external interfaces.DISA Juniper EX Series Router v1r3Juniper
JUEX-RT-000610 - The Juniper router must be configured to have IP directed broadcast disabled on all interfaces.DISA Juniper EX Series Router v1r3Juniper
Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Monterey v1.0.0 - 800-53r5 LowUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Monterey v1.0.0 - 800-53r4 LowUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Monterey v1.0.0 - 800-53r4 ModerateUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Monterey v1.0.0 - 800-53r4 HighUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Monterey v1.0.0 - 800-53r5 ModerateUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Monterey v1.0.0 - All ProfilesUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Monterey v1.0.0 - 800-53r5 HighUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network InterfacesNIST macOS Monterey v1.0.0 - CNSSI 1253Unix

SYSTEM AND COMMUNICATIONS PROTECTION

OH12-1X-000307 - OHS must be tuned to handle the operational requirements of the hosted application.DISA STIG Oracle HTTP Server 12.1.3 v1r6Unix
RHEL-08-040150 - A firewall must be able to protect against or limit the effects of Denial of Service (DoS) attacks by ensuring RHEL 8 can implement rate-limiting measures on impacted network interfaces - FirewallBackendDISA Red Hat Enterprise Linux 8 STIG v1r3Unix
RHEL-08-040150 - A firewall must be able to protect against or limit the effects of Denial of Service (DoS) attacks by ensuring RHEL 8 can implement rate-limiting measures on impacted network interfaces - nftables statusDISA Red Hat Enterprise Linux 8 STIG v1r5Unix
RHEL-08-040150 - A firewall must be able to protect against or limit the effects of Denial of Service (DoS) attacks by ensuring RHEL 8 can implement rate-limiting measures on impacted network interfaces - packageDISA Red Hat Enterprise Linux 8 STIG v1r3Unix
RHEL-08-040150 - A firewall must be able to protect against or limit the effects of Denial of Service (DoS) attacks by ensuring RHEL 8 can implement rate-limiting measures on impacted network interfaces - packageDISA Red Hat Enterprise Linux 8 STIG v1r7Unix
RHEL-08-040150 - A firewall must be able to protect against or limit the effects of Denial of Service (DoS) attacks by ensuring RHEL 8 can implement rate-limiting measures on impacted network interfaces.DISA Red Hat Enterprise Linux 8 STIG v1r11Unix
RHEL-08-040150 - A firewall must be able to protect against or limit the effects of Denial of Service (DoS) attacks by ensuring RHEL 8 can implement rate-limiting measures on impacted network interfaces.DISA Red Hat Enterprise Linux 8 STIG v1r8Unix
RHEL-09-251030 - RHEL 9 must protect against or limit the effects of denial-of-service (DoS) attacks by ensuring rate-limiting measures on impacted network interfaces are implemented.DISA Red Hat Enterprise Linux 9 STIG v1r1Unix
UBTU-20-010446 - The Ubuntu operating system must configure the uncomplicated firewall to rate-limit impacted network interfaces.DISA STIG Ubuntu 20.04 LTS v1r9Unix
VCEM-67-000030 - ESX Agent Manager must disable the shutdown port.DISA STIG VMware vSphere 6.7 EAM Tomcat v1r1Unix
VCFL-67-000029 - vSphere Client must disable the shutdown port.DISA STIG VMware vSphere 6.7 Virgo Client v1r1Unix
VCLD-67-000033 - VAMI must be protected from being stopped by a non-privileged user.DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r2Unix
VCUI-67-000029 - vSphere UI must disable the shutdown port - vsphere-ui.jsonDISA STIG VMware vSphere 6.7 UI Tomcat v1r1Unix
WN11-CC-000035 - The system must be configured to ignore NetBIOS name release requests except from WINS servers.DISA Windows 11 STIG v1r4Windows
WN11-CC-000035 - The system must be configured to ignore NetBIOS name release requests except from WINS servers.DISA Windows 11 STIG v1r2Windows