Nov 6, 2024 Functional Update- 5.1 Set Sticky Bit on World Writable Directories
- 9.22 Find World Writable Files
- 9.23 Find SUID/SGID System Executables
- 9.24 Find Un-owned Files and Directories
|
Oct 15, 2024 Functional Update- 9.25 Find Files and Directories with Extended Attributes
|
Jun 17, 2024 |
Sep 19, 2023 Functional Update- 5.1 Set Sticky Bit on World Writable Directories
- 9.14 Check User Home Directory Ownership
- 9.22 Find World Writable Files
- 9.23 Find SUID/SGID System Executables
- 9.24 Find Un-owned Files and Directories
- 9.25 Find Files and Directories with Extended Attributes
- 9.7 Check Permissions on User Home Directories
- 9.8 Check Permissions on User '.' (Hidden) Files
Miscellaneous- Metadata updated.
- References updated.
- Variables updated.
|
May 31, 2023 |
Apr 12, 2023 Functional Update- 7.1 Set Password Expiration Parameters on Active Accounts - MAXWEEKS = 13
- 7.1 Set Password Expiration Parameters on Active Accounts - MINWEEKS = 1
- 7.1 Set Password Expiration Parameters on Active Accounts - WARNWEEKS = 4
- 7.2 Set Strong Password Creation Policies - DICTIONDBDIR = /var/passwd
- 7.2 Set Strong Password Creation Policies - DICTIONLIST = /usr/share/lib/dict/words
- 7.2 Set Strong Password Creation Policies - HISTORY = 10
- 7.2 Set Strong Password Creation Policies - MAXREPEATS = 0
- 7.2 Set Strong Password Creation Policies - MINALPHA = 2
- 7.2 Set Strong Password Creation Policies - MINDIFF = 3
- 7.2 Set Strong Password Creation Policies - MINLOWER = 1
- 7.2 Set Strong Password Creation Policies - MINNONALPHA = 1
- 7.2 Set Strong Password Creation Policies - MINUPPER = 1
- 7.2 Set Strong Password Creation Policies - NAMECHECK = yes
- 7.2 Set Strong Password Creation Policies - PASSLENGTH = 8
- 7.2 Set Strong Password Creation Policies - WHITESPACE = yes
Miscellaneous- Metadata updated.
- Platform check updated.
- Variables updated.
|
Mar 7, 2023 Miscellaneous- Metadata updated.
- References updated.
|
Jan 4, 2023 |
Dec 7, 2022 Functional Update- 2.11 Configure TCP Wrappers - inetadm tcp_wrapers = true
- 3.10 Disable Response to Multicast Echo Request - current ipv4 = 0
- 3.10 Disable Response to Multicast Echo Request - current ipv6 = 0
- 3.10 Disable Response to Multicast Echo Request - persistent ipv4 = 0
- 3.10 Disable Response to Multicast Echo Request - persistent ipv6 = 0
- 3.11 Ignore ICMP Redirect Messages - current ipv4 = 1
- 3.11 Ignore ICMP Redirect Messages - current ipv6 = 1
- 3.11 Ignore ICMP Redirect Messages - persistent ipv4 = 1
- 3.11 Ignore ICMP Redirect Messages - persistent ipv6 = 1
- 3.12 Set Strict Multihoming - current ipv4 = 0
- 3.12 Set Strict Multihoming - current ipv6 = 0
- 3.12 Set Strict Multihoming - persistent ipv4 = 0
- 3.12 Set Strict Multihoming - persistent ipv6 = 0
- 3.13 Disable ICMP Redirect Messages - current ipv4 = 0
- 3.13 Disable ICMP Redirect Messages - current ipv6 = 0
- 3.13 Disable ICMP Redirect Messages - persistent ipv4 = 0
- 3.13 Disable ICMP Redirect Messages - persistent ipv6 = 0
- 3.14 Disable TCP Reverse IP Source Routing - current tcp = 0
- 3.14 Disable TCP Reverse IP Source Routing - persistent tcp = 0
- 3.15 Set Maximum Number of Half-open TCP Connections - current tcp = 4096
- 3.15 Set Maximum Number of Half-open TCP Connections - persistent tcp = 4096
- 3.16 Set Maximum Number of Incoming Connections - current tcp = 1024
- 3.16 Set Maximum Number of Incoming Connections - persistent tcp = 1024
- 3.4 Disable Source Packet Forwarding - current ipv4 = 0
- 3.4 Disable Source Packet Forwarding - current ipv6 = 0
- 3.4 Disable Source Packet Forwarding - persistent ipv4 = 0
- 3.4 Disable Source Packet Forwarding - persistent ipv6 = 0
- 3.5 Disable Directed Broadcast Packet Forwarding - current ip = 0
- 3.5 Disable Directed Broadcast Packet Forwarding - persistent ip = 0
- 3.6 Disable Response to ICMP Timestamp Requests - current ip = 0
- 3.6 Disable Response to ICMP Timestamp Requests - persistent ip = 0
- 3.7 Disable Response to ICMP Broadcast Timestamp Requests - current ip = 0
- 3.7 Disable Response to ICMP Broadcast Timestamp Requests - persistent ip = 0
- 3.8 Disable Response to ICMP Broadcast Netmask Requests - current ip = 0
- 3.8 Disable Response to ICMP Broadcast Netmask Requests - persistent ip = 0
- 3.9 Disable Response to Broadcast ICMPv4 Echo Request - current ip = 0
- 3.9 Disable Response to Broadcast ICMPv4 Echo Request - persistent ip = 0
- 4.1 Create CIS Audit Class
- 4.5 Configure Solaris Auditing - audit condition = auditing
- 4.5 Configure Solaris Auditing - audit_binfile (active)
- 6.11 Remove Autologin Capabilities from the GNOME desktop
- 6.11 Remove Autologin Capabilities from the GNOME desktop - pam.conf
- 6.11 Remove Autologin Capabilities from the GNOME desktop - pam.d/gdm-autologin
- 6.12 Set Default Screen Lock for GNOME Users
- 6.12 Set Default Screen Lock for GNOME Users - lock = true
- 6.12 Set Default Screen Lock for GNOME Users - lockTimeout = 0
- 6.12 Set Default Screen Lock for GNOME Users - timeout = 10
- 6.16 Set EEPROM Security Mode and Log Failed Access (SPARC)
- 6.16 Set EEPROM Security Mode and Log Failed Access (SPARC) - eeprom security-#badlogins = 0
- 6.16 Set EEPROM Security Mode and Log Failed Access (SPARC) - eeprom security-mode = command
- 6.17 Secure the GRUB Menu (Intel)
- 6.17 Secure the GRUB Menu (Intel) - grub.cfg password
- 6.17 Secure the GRUB Menu (Intel) - grub.cfg timeout = 30
- 6.17 Secure the GRUB Menu (Intel) - grub.d/01_password
- 6.17 Secure the GRUB Menu (Intel) - grub2_defs.bios GRUB_TIMEOUT = 30
- 6.17 Secure the GRUB Menu (Intel) - menu.conf timeout = 30
- 6.17 Secure the GRUB Menu (Intel) - passwd.cfg
- 6.17 Secure the GRUB Menu (Intel) - passwd.cfg - password_pbkdf2
- 6.17 Secure the GRUB Menu (Intel) - passwd.cfg - superusers
- 7.6 Lock Inactive User Accounts - useradd -D, 35
- 8.3 Enable a Warning Banner for the GNOME Service
|
Apr 25, 2022 |
