Nov 6, 2024 Functional Update- GEN001160/GEN001170 - All files and directories must have a valid owner and group owner.
- GEN002380 - The owner, group, mode, ACL, and location of files with the setuid bit set must be documented using site-defined procedures
- GEN002440 - The owner, group, mode, ACL, and location of files with the setgid bit set must be documented using site-defined procedures
- GEN002480 - Public directories must be the only world-writable directories and world-writable files must be located only in public dirs
- GEN002500 - The sticky bit must be set on all public directories.
Miscellaneous- Metadata updated.
- References updated.
|
Sep 19, 2023 Functional Update- GEN001160/GEN001170 - All files and directories must have a valid owner and group owner.
- GEN001890 - Local initialization files must not have extended ACLs - '.bash_logout'
- GEN001890 - Local initialization files must not have extended ACLs - '.bash_profile'
- GEN001890 - Local initialization files must not have extended ACLs - '.bashrc'
- GEN001890 - Local initialization files must not have extended ACLs - '.cshrc'
- GEN001890 - Local initialization files must not have extended ACLs - '.dispatch'
- GEN001890 - Local initialization files must not have extended ACLs - '.dtprofile'
- GEN001890 - Local initialization files must not have extended ACLs - '.emacs'
- GEN001890 - Local initialization files must not have extended ACLs - '.env'
- GEN001890 - Local initialization files must not have extended ACLs - '.exrc'
- GEN001890 - Local initialization files must not have extended ACLs - '.login'
- GEN001890 - Local initialization files must not have extended ACLs - '.logout'
- GEN001890 - Local initialization files must not have extended ACLs - '.profile'
- GEN002000 - There must be no .netrc files on the system.
- GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - '.rhosts'
- GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - '.shosts'
- GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - 'hosts.equiv'
- GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - 'shosts.equiv'
- GEN002300 - Device files used for backup must only be readable and/or writable by root or the backup user - '/dev/cd*'
- GEN002300 - Device files used for backup must only be readable and/or writable by root or the backup user - '/dev/rmt*'
- GEN002330 - Audio devices must not have extended ACLs.
- GEN002380 - The owner, group, mode, ACL, and location of files with the setuid bit set must be documented using site-defined procedures
- GEN002440 - The owner, group, mode, ACL, and location of files with the setgid bit set must be documented using site-defined procedures
- GEN002480 - Public directories must be the only world-writable directories and world-writable files must be located only in public dirs
- GEN002500 - The sticky bit must be set on all public directories.
- GEN002520 - All public directories must be owned by root or an application account.
- GEN002540 - All public directories must be group-owned by system or an application group.
- GEN003865 - Network analysis tools must not be installed - 'ethereal'
- GEN003865 - Network analysis tools must not be installed - 'netcat'
- GEN003865 - Network analysis tools must not be installed - 'snoop'
- GEN003865 - Network analysis tools must not be installed - 'tcpdump'
- GEN003865 - Network analysis tools must not be installed - 'tshark'
- GEN003865 - Network analysis tools must not be installed - 'wireshark'
- GEN004580 - The system must not use .forward files.
- GEN005190 - The .Xauthority files must not have extended ACLs.
- GEN005340 - Management Information Base (MIB) files must have mode 0640 or less permissive.
- GEN005350 - Management Information Base (MIB) files must not have extended ACLs.
Miscellaneous- References updated.
- Variables updated.
|
May 31, 2023 |
Apr 12, 2023 Miscellaneous- Metadata updated.
- Platform check updated.
- Variables updated.
|
Mar 7, 2023 Miscellaneous- Metadata updated.
- References updated.
|
Dec 7, 2022 Functional Update- GEN000240 - The system clock must be synchronized to an authoritative DoD time source - 'NTP daemon uses approved sources'
|
Apr 25, 2022 Miscellaneous- Metadata updated.
- References updated.
|
Jul 30, 2021 Miscellaneous- Metadata updated.
- References updated.
|
Jun 17, 2021 |
Feb 1, 2021 Miscellaneous- Metadata updated.
- References updated.
|
