1.2 Set 'Maximum receive size - organization level' to '10240' | CIS Microsoft Exchange Server 2013 Hub v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
1.4.11 Enable Dynamic IP Address Restrictions - Not Logging Only Mode | CIS IIS 8.0 v1.4.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
1.6.1 Configure Login Block - login block-for | CIS Cisco IOS 16 L2 v1.1.0 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
1.7 Set 'Maximum number of recipients - organization level' to '5000' | CIS Microsoft Exchange Server 2016 Hub v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
1.18 Set 'Maximum receive size - connector level' to '10240' | CIS Microsoft Exchange Server 2013 Hub v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
2.2.5 Ensure 'Maximum receive size: Connector level' is set to '25' | CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
2.2.11 Ensure 'SEC_PROTOCOL_ERROR_FURTHER_ACTION' Is Set to '(DROP,3)' | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
3.7 - Network Parameters are not tuned - Maximum Open Sockets | TNS Oracle WebLogic Server 11 Linux Best Practices | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.13 Disable ICMP Redirect Messages - current ipv4 = off | CIS Solaris 11.2 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.13 Disable ICMP Redirect Messages - persistent ipv4 = off | CIS Solaris 11.2 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.13 Disable ICMP Redirect Messages - persistent ipv6 = off | CIS Solaris 11.2 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.14 - Maximum Message Size is not set - Maximum HTTP Message Size | TNS Oracle WebLogic Server 11 Linux Best Practices | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.14 - Maximum Message Size is not set - Maximum Message Size | TNS Oracle WebLogic Server 11 Linux Best Practices | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
4.11 Ensure 'Dynamic IP Address Restrictions' is enabled | CIS IIS 8.0 v1.5.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
4.11 Ensure 'Dynamic IP Address Restrictions' is enabled - Not Logging Only Mode | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
5.14 Set the 'on-failure' container restart policy to 5 - RestartPolicyName=always | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.14 Set the 'on-failure' container restart policy to 5 - RestartPolicyName=on-failure | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.14 Set the 'on-failure' container restart policy to 5 - RestartPolicyName=on-failure | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.15 Set the 'on-failure' container restart policy to 5 - RestartPolicyName=on-failure | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.28 Use PIDs cgroup limit | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
8.5.1 Ensure VM limits are configured correctly - Mem Share Level | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
8.5.1 Prevent virtual machines from taking over resources - Mem Share Level | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
10.11 Configure maxHttpHeaderSize | CIS Apache Tomcat 7 L2 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
10.11 Configure maxHttpHeaderSize | CIS Apache Tomcat 7 L2 v1.1.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
10.11 Configure maxHttpHeaderSize | CIS Apache Tomcat 8 L2 v1.0.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Access Security - SSH - Set connection-limit and rate-limit restrictions - rate-limit | Juniper Hardening JunOS 12 Devices Checklist | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
Buffer overflow protection should be configured 'LimitRequestFields' | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Buffer overflow protection should be configured 'LimitRequestFieldsize' | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Buffer overflow protection should be configured 'LimitRequestline' | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Control Plane Policing | ArubaOS CX 10.x Hardening Guide v1.0.0 | ArubaOS | SYSTEM AND COMMUNICATIONS PROTECTION |
CPM Filtering: Filter for IGMP | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
CPM Filtering: Filter for PIM | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
DHCP snooping - global | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | SYSTEM AND COMMUNICATIONS PROTECTION |
Dynamic ARP Protection - global | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | SYSTEM AND COMMUNICATIONS PROTECTION |
Ensure that the 'skip_show_database' database flag for a Cloud Databases Mysql instance is set to '1' | Tenable Best Practices RackSpace v2.0.0 | Rackspace | SYSTEM AND COMMUNICATIONS PROTECTION |
Fortigate - reset-sessionless-tcp disabled | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
MaxKeepAliveRequests parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0781 - Gratuitous ARP must be disabled. | DISA STIG Cisco Perimeter Router v8r8 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0960 - Routers are not set to intercept TCP SYN attacks - 'access-list TCP_INTERCEPT_ACL permit tcp any INTERNAL_NETWORK' | DISA STIG Cisco Perimeter Router v8r8 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0960 - Routers are not set to intercept TCP SYN attacks - 'ip tcp intercept list TCP_INTERCEPT_ACL' | DISA STIG Cisco Perimeter Router v8r8 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
Network Security - Disable ICMP timestamp & record route requests - no-ping-record-route | Juniper Hardening JunOS 12 Devices Checklist | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
Network Security - Disable ICMP timestamp & record route requests - no-ping-time-stamp | Juniper Hardening JunOS 12 Devices Checklist | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
SonicWALL - Flood Protection - Layer 2 - All Interfaces | TNS SonicWALL v5.8 Best Practices | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
SonicWALL - Flood Protection - TCP - checksum enforcement | TNS SonicWALL v5.8 Best Practices | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
WA000-WI6094 - The UriMaxUriBytes registry entry is not set properly. | DISA STIG IIS 6.0 Installation v6r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WA000-WI6098 - The MaxRequestEntityAllowed metabase value is not defined - 'IisWebServerSetting' | DISA STIG IIS 6.0 Site Checklist v6r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WA000-WI6098 - The MaxRequestEntityAllowed metabase value is not defined - 'IisWebServiceSetting' | DISA STIG IIS 6.0 Site Checklist v6r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WatchGuard : DoS Prevention - Drop IKE Flood Attack | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
WatchGuard : DoS Prevention - Drop IP Source Route | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
WatchGuard : DoS Prevention - Drop UDP Flood Attack | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |