Nov 6, 2024 Functional Update- GEN001160 - All files and directories must have a valid owner.
- GEN001170 - All files and directories must have a valid group-owner.
- GEN002380 - The owner, group-owner, mode, ACL, and location of files with the setuid bit set must be documented using site-defined procedures.
- GEN002440 - The owner, group-owner, mode, ACL and location of files with the setgid bit set must be documented using site-defined procedures - sgid bit set must be documented.
- GEN002480 - Public directories must be the only world-writable directories and world-writable files must be located only in public directories - 'directories'
- GEN002480 - Public directories must be the only world-writable directories and world-writable files must be located only in public directories - 'files'
- GEN002500 - The sticky bit must be set on all public directories.
|
Jun 17, 2024 |
Sep 19, 2023 Functional Update- GEN001160 - All files and directories must have a valid owner.
- GEN001170 - All files and directories must have a valid group-owner.
- GEN001660 - All system start-up files must be owned by root.
- GEN001680 - All system start-up files must be group-owned by root, sys, bin, other, or system.
- GEN002000 - There must be no .netrc files on the system.
- GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - '.rhosts'
- GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - '.shosts'
- GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - 'hosts.equiv'
- GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - 'shosts.equiv'
- GEN002380 - The owner, group-owner, mode, ACL, and location of files with the setuid bit set must be documented using site-defined procedures.
- GEN002440 - The owner, group-owner, mode, ACL and location of files with the setgid bit set must be documented using site-defined procedures - sgid bit set must be documented.
- GEN002480 - Public directories must be the only world-writable directories and world-writable files must be located only in public directories - 'directories'
- GEN002480 - Public directories must be the only world-writable directories and world-writable files must be located only in public directories - 'files'
- GEN002500 - The sticky bit must be set on all public directories.
- GEN002520 - All public directories must be owned by root or an application account.
- GEN002540 - All public directories must be group-owned by root, sys, bin, or an application group.
- GEN003865 - Network analysis tools must not be installed - 'ethereal'
- GEN003865 - Network analysis tools must not be installed - 'nc'
- GEN003865 - Network analysis tools must not be installed - 'snoop'
- GEN003865 - Network analysis tools must not be installed - 'tcpdump'
- GEN003865 - Network analysis tools must not be installed - 'tshark'
- GEN003865 - Network analysis tools must not be installed - 'wireshark'
- GEN004580 - The system must not use .forward files - 'find .forward'
Miscellaneous- References updated.
- Variables updated.
|
Apr 12, 2023 Functional Update- GEN000480 - The delay between login prompts following a failed login attempt must be at least 4 seconds.
Miscellaneous- Metadata updated.
- Platform check updated.
- Variables updated.
|
Mar 7, 2023 Miscellaneous- Metadata updated.
- References updated.
|
Jan 4, 2023 Functional Update- GEN005524 - The SSH daemon must not permit GSSAPI authentication unless needed.
|
Dec 7, 2022 |
Apr 25, 2022 Miscellaneous- Metadata updated.
- References updated.
|
