Detections
Analytics

Item Search

NameAudit NamePluginCategory
DISA_IIS_8.5_Web_Server_v2r6.audit from DISA Microsoft IIS 8.5 Server v2r6 STIGDISA IIS 8.5 Server v2r6Windows
DISA_IIS_8.5_Web_Site_v2r7.audit from DISA Microsoft IIS 8.5 Site v2r7 STIGDISA IIS 8.5 Site v2r7Windows
DISA_IIS_8.5_Web_Site_v2r8.audit from DISA Microsoft IIS 8.5 Site v2r8 STIGDISA IIS 8.5 Site v2r8Windows
Interior routing protocols are not authenticated - 'RIP Check'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco
NET-IPV6-034 - IPv6 Egress Outbound Spoofing Filter - 'ipv6 verify unicast source reachable-via rx OUTBOUND_TO_BACKBONE'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET-IPV6-059 - Maximum hop limit is less than 32DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

CONFIGURATION MANAGEMENT

NET-IPV6-065 - The 6-to-4 router is not filtering protocol 41 - 'ip access-group IPV4_EGRESS_FILTER'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET-IPV6-066 - 6-to-4 router not filtering invalid source address - 'permit ipv6 2002:V4ADDR::/48'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET-MCAST-001 - PIM enabled on wrong interfaces -'interfaces enabled for PIM'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco
NET-MCAST-002 - PIM neighbor filter is not configured - 'ip access-list standard IP_PIM_NEIGHBORS_ACL'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco
NET-MCAST-002 - PIM neighbor filter is not configured - 'ipv6 access-list IPV6_PIM_NEIGHBORS_ACL'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco
NET-MCAST-010 - No Admin-local or Site-local boundary - ip access-list standard - 'deny 239'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET-MCAST-010 - No Admin-local or Site-local boundary - ip access-list standard - 'permit 224'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET-NAC-031DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco
NET-SRVFRM-003 - ACLs must restrict access to server VLANsDISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco
NET-VLAN-002 - Disabled ports are not kept in an unused VLAN.DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco
NET0400 - Interior routing protocols are not authenticated - 'EIGRP (Interface Check - authentication mode)'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET0400 - Interior routing protocols are not authenticated - 'IS-IS (Router Check - authentication key-chain)'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET0400 - Interior routing protocols are not authenticated - 'OSPFv2 (Interface Check)'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

NET0400 - Interior routing protocols are not authenticated - 'RIPv2 (Interface Check - authentication mode)'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET0400 - Interior routing protocols are not authenticated - 'RIPv2 (Key-Chain Check)'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

IDENTIFICATION AND AUTHENTICATION

NET0433 - The device is not authenticated using a AAA server - 'tacacs-server host(s) - more than 2 hosts exist'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

IDENTIFICATION AND AUTHENTICATION

NET0441 - Emergency administration account privilege level is not set.DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

IDENTIFICATION AND AUTHENTICATION

NET0600 - Passwords are viewable when displaying the configDISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

IDENTIFICATION AND AUTHENTICATION

NET0722 - The PAD service is enabledDISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

CONFIGURATION MANAGEMENT

NET0726 - Identification support is enabled.DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

CONFIGURATION MANAGEMENT

NET0760 - Configuration auto-loading must be disabled - 'service config'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

SYSTEM AND INFORMATION INTEGRITY

NET0812 - Two NTP servers are not used to synchronize time - 'First NTP Server'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

AUDIT AND ACCOUNTABILITY

NET0812 - Two NTP servers are not used to synchronize time - 'ntp multicast client MULTICAST_IP_1'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

CONFIGURATION MANAGEMENT

NET0812 - Two NTP servers are not used to synchronize time - 'Second NTP Server'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

AUDIT AND ACCOUNTABILITY

NET0902 - FTP/TFTP traffic does not use loopback - 'ip ftp source-interface Loopback0'DISA STIG Cisco Infrastructure Router v8r29Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET0903 - Loopback address is not used as the iBGP source IPDISA STIG Cisco Infrastructure Router v8r29Cisco
NET0949 - Cisco Express Fowarding (CEF) not enabled on supported devicesDISA STIG Cisco Infrastructure Router v8r29Cisco

CONFIGURATION MANAGEMENT

NET0966 - Control plan protection is not enabled - 'inbound ACL option'DISA STIG Cisco Infrastructure Router v8r29Cisco
NET0985 - IGP instances do not peer with appropriate domainDISA STIG Cisco Infrastructure Router v8r29Cisco
NET0988 - Traffic from the managed network will leak - 'OOBM Interface (ip access-list OOBM_EGRESS_ACL out)'DISA STIG Cisco Infrastructure Router v8r29Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET0991 - The OOBM interface not configured correctlyDISA STIG Cisco Infrastructure Router v8r29Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET1005 - No inbound ACL for mgmt network sub-interface - 'Sub-Interface Ingress ACL Permit/Deny'DISA STIG Cisco Infrastructure Router v8r29Cisco
NET1005 - No inbound ACL for mgmt network sub-interface - 'Sub-Interface Ingress ACL'DISA STIG Cisco Infrastructure Router v8r29Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET1007 - Management traffic is not classified and markedDISA STIG Cisco Infrastructure Router v8r29Cisco
NET1007 - Management traffic is not classified and marked - 'ip access-list extended MGMT_TRAFFIC_CLASSIFICATION_ACL permit'DISA STIG Cisco Infrastructure Router v8r29Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET1007 - Management traffic is not classified and marked - 'policy-map DIST_LAYER_POLICY'DISA STIG Cisco Infrastructure Router v8r29Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET1020 - Interface ACL deny statements are not loggedDISA STIG Cisco Infrastructure Router v8r29Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET1021 - The network element must log all messages except debugging. - 'Debugging on'DISA STIG Cisco Infrastructure Router v8r29Cisco

AUDIT AND ACCOUNTABILITY

NET1637 - Management connections are not restricted - 'VTY port (access-class ACL_LIST in)'DISA STIG Cisco Infrastructure Router v8r29Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET1638 - Management connections must be secured by FIPS 140-2 -'ip scp secure-server'DISA STIG Cisco Infrastructure Router v8r29Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET1646 - SSH login attempts value is greater than 3 - 'ip ssh authentication-retries not found'DISA STIG Cisco Infrastructure Router v8r29Cisco

ACCESS CONTROL

NET1808 - Remote VPN end-point not a mirror of local gatewayDISA STIG Cisco Infrastructure Router v8r29Cisco
SNMPv2 CONFIG IF STATEMENTDISA STIG Cisco Infrastructure Router v8r29Cisco
SNMPv3 CONFIG IF STATEMENTDISA STIG Cisco Infrastructure Router v8r29Cisco