CSCv6|9

Title

Limitation and Control of Network Ports

Description

Limitation and Control of Network Ports

Reference Item Details

Reference: CIS Critical Security Controls v6

Category: Limitation and Control of Network Ports

Family: System

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.1.1 Ensure 'Enable curtaining of remote access hosts' is set to 'Disabled'	Windows	CIS Google Chrome L1 v2.0.0
1.1.3.9.5 Set 'MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)' to 'Highest protection'	Windows	CIS Windows 8 L1 v1.0.0
1.1.3.9.7 Configure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)'	Windows	CIS Windows 8 L1 v1.0.0
1.1.3.9.8 Configure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes'	Windows	CIS Windows 8 L1 v1.0.0
1.1.3.9.10 Configure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds'	Windows	CIS Windows 8 L1 v1.0.0
1.1.3.9.11 Configure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted (3 recommended, 5 default)'	Windows	CIS Windows 8 L1 v1.0.0
1.1.3.9.12 Configure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers'	Windows	CIS Windows 8 L1 v1.0.0
1.1.3.9.15 Set 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' to 'Highest'	Windows	CIS Windows 8 L1 v1.0.0
1.1.3.9.16 Configure 'MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)'	Windows	CIS Windows 8 L1 v1.0.0
1.1.4.7 Set 'Access this computer from the network' to 'Users, Administrators'	Windows	CIS Windows 8 L1 v1.0.0
1.1.26 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - certfile	Unix	CIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.1.26 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - certfile	Unix	CIS Kubernetes 1.13 Benchmark v1.4.0 L1
1.1.26 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - etcd-certfile	Unix	CIS Kubernetes 1.11 Benchmark v1.3.0 L1
1.1.26 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - etcd-certfile	Unix	CIS Kubernetes 1.8 Benchmark v1.2.0 L1
1.1.26 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - etcd-keyfile	Unix	CIS Kubernetes 1.11 Benchmark v1.3.0 L1
1.1.26 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - etcd-keyfile	Unix	CIS Kubernetes 1.8 Benchmark v1.2.0 L1
1.1.26 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - keyfile	Unix	CIS Kubernetes 1.13 Benchmark v1.4.0 L1
1.1.26 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - keyfile	Unix	CIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.1.27 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - etcd-certfile	Unix	CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1
1.1.27 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - etcd-keyfile	Unix	CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1
1.2.1.1 Configure 'Set IP Stateless Autoconfiguration Limits State'	Windows	CIS Windows 8 L1 v1.0.0
1.2.28 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - certfile	Unix	CIS Kubernetes v1.20 Benchmark v1.0.0 L1 Master
1.2.28 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - keyfile	Unix	CIS Kubernetes v1.20 Benchmark v1.0.0 L1 Master
1.2.29 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - certfile	Unix	CIS Kubernetes Benchmark v1.6.1 L1 Master
1.2.29 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - certfile	Unix	CIS Kubernetes Benchmark v1.5.1 L1
1.2.29 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - keyfile	Unix	CIS Kubernetes Benchmark v1.5.1 L1
1.2.29 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - keyfile	Unix	CIS Kubernetes Benchmark v1.6.1 L1 Master
1.3 Dedicated Name Server Role	Unix	CIS BIND DNS v1.0.0 L1 Caching Only Name Server
1.3 Dedicated Name Server Role	Unix	CIS BIND DNS v3.0.1 Authoritative Name Server
1.3 Dedicated Name Server Role	Unix	CIS BIND DNS v1.0.0 L1 Authoritative Name Server
1.3 Dedicated Name Server Role	Unix	CIS BIND DNS v3.0.1 Caching Only Name Server
1.5.7 Ensure that a unique Certificate Authority is used for etcd	Unix	CIS Kubernetes 1.13 Benchmark v1.4.0 L2
1.5.7 Ensure that a unique Certificate Authority is used for etcd	Unix	CIS Kubernetes 1.11 Benchmark v1.3.0 L2
1.5.7 Ensure that a unique Certificate Authority is used for etcd	Unix	CIS Kubernetes 1.13 Benchmark v1.4.1 L2
1.5.9 Ensure that a unique Certificate Authority is used for etcd	Unix	CIS Kubernetes 1.7.0 Benchmark v1.1.0 L2
1.5.9 Ensure that a unique Certificate Authority is used for etcd	Unix	CIS Kubernetes 1.8 Benchmark v1.2.0 L2
10.1 Ensure the LimitRequestLine directive is Set to 512 or less	Unix	CIS Apache HTTP Server 2.4 L2 v2.0.0
10.1 Ensure the LimitRequestLine directive is Set to 512 or less	Unix	CIS Apache HTTP Server 2.4 L2 v1.5.0 Middleware
10.1 Ensure the LimitRequestLine directive is Set to 512 or less	Unix	CIS Apache HTTP Server 2.2 L2 v3.6.0
10.1 Ensure the LimitRequestLine directive is Set to 512 or less	Unix	CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware
10.1 Ensure the LimitRequestLine directive is Set to 512 or less	Unix	CIS Apache HTTP Server 2.4 L2 v2.0.0 Middleware
10.1 Ensure the LimitRequestLine directive is Set to 512 or less	Unix	CIS Apache HTTP Server 2.4 L2 v1.5.0
10.1 Ensure the Maximum Request Line Length Is Set Properly	Unix	CIS Apache HTTP Server 2.2 L2 v3.5.0
10.2 Ensure the LimitRequestFields Directive is Set to 100 or Less	Unix	CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware
10.2 Ensure the LimitRequestFields Directive is Set to 100 or Less	Unix	CIS Apache HTTP Server 2.2 L2 v3.6.0
10.2 Ensure the LimitRequestFields Directive is Set to 100 or Less	Unix	CIS Apache HTTP Server 2.4 L2 v1.5.0
10.2 Ensure the LimitRequestFields Directive is Set to 100 or Less	Unix	CIS Apache HTTP Server 2.4 L2 v1.5.0 Middleware
10.2 Ensure the LimitRequestFields Directive is Set to 100 or Less	Unix	CIS Apache HTTP Server 2.4 L2 v2.0.0 Middleware
10.2 Ensure the LimitRequestFields Directive is Set to 100 or Less	Unix	CIS Apache HTTP Server 2.4 L2 v2.0.0
10.2 Ensure the Maximum Request Headers Per Request Is Set Properly	Unix	CIS Apache HTTP Server 2.2 L2 v3.5.0

Detections

Analytics

CSCv6|9

Title

Description

Reference Item Details

Audit Items