Detections
Analytics

Revision 1.3

Mar 1, 2021
Functional Update
  • 5.2.10 Ensure SSH root login is disabled
  • 5.2.11 Ensure SSH PermitEmptyPasswords is disabled
  • 5.2.12 Ensure SSH PermitUserEnvironment is disabled
  • 5.2.13 Ensure only strong Ciphers are used - approved ciphers
  • 5.2.13 Ensure only strong Ciphers are used - weak ciphers
  • 5.2.14 Ensure only strong MAC algorithms are used - approved MACs
  • 5.2.14 Ensure only strong MAC algorithms are used - weak MACs
  • 5.2.15 Ensure only strong Key Exchange algorithms are used - approved algorithms
  • 5.2.15 Ensure only strong Key Exchange algorithms are used - weak algorithms
  • 5.2.16 Ensure SSH Idle Timeout Interval is configured - ClientAliveCountMax
  • 5.2.16 Ensure SSH Idle Timeout Interval is configured - ClientAliveInterval
  • 5.2.17 Ensure SSH LoginGraceTime is set to one minute or less
  • 5.2.18 Ensure SSH warning banner is configured
  • 5.2.19 Ensure SSH PAM is enabled
  • 5.2.21 Ensure SSH MaxStartups is configured
  • 5.2.22 Ensure SSH MaxSessions is limited
  • 5.2.4 Ensure SSH access is limited
  • 5.2.5 Ensure SSH LogLevel is appropriate
  • 5.2.7 Ensure SSH MaxAuthTries is set to 4 or less
  • 5.2.8 Ensure SSH IgnoreRhosts is enabled
  • 5.2.9 Ensure SSH HostbasedAuthentication is disabled
  • 5.6 Ensure access to the su command is restricted
Miscellaneous
  • References updated.