Detections
Analytics

Item Search

NameAudit NamePluginCategory
DM6030: Event forwarding/Forward events setting - 'Registry value AlertForwardingServer is NULL or does not exist'DISA STIG SQL Server 2005 Database OS Audit v1r7Windows
Interior routing protocols are not authenticated - 'EIGRP Check'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco
Interior routing protocols are not authenticated - 'IS-IS Check'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco
Interior routing protocols are not authenticated - 'OSPFv2 Check'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco
NET-IPV6-033 - IPv6 routers are not configured with CEF enabledDISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

CONFIGURATION MANAGEMENT

NET-MCAST-001 - PIM enabled on wrong interfaces -'ip multicast-routing'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

CONFIGURATION MANAGEMENT

NET-MCAST-001 - PIM enabled on wrong interfaces -'ipv6 multicast-routing'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

CONFIGURATION MANAGEMENT

NET-MCAST-002 - PIM neighbor filter is not configured - 'ipv6 pim neighbor-filter list IPV6_PIM_NEIGHBORS_ACL'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET-NAC-009 - 'aaa authentication'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

IDENTIFICATION AND AUTHENTICATION

NET-NAC-009 - 'radius-server host'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

IDENTIFICATION AND AUTHENTICATION

NET-NAC-009 - 'step 3'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco
NET-NAC-009 - 'system-auth-control'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

IDENTIFICATION AND AUTHENTICATION

NET-NAC-012 - Re-authentication must occur every 60 minutes.DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

IDENTIFICATION AND AUTHENTICATION

NET-NAC-032 - Switchport does not shutdown on a violationDISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

SYSTEM AND INFORMATION INTEGRITY

NET-TUNL-012 - Tunnel Default Router ConfiguredDISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco
NET-TUNL-017 - ISATAP tunnels must terminate at interior routerDISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco
NET-VLAN-006 - The VLAN1 is being used for management traffic.DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco
NET-VLAN-009 - Access switchports are assigned to the native VLANDISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco
NET-VLAN-023 - Restricted VLAN not assigned to non-802.1x device.DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco
NET0240 - Devices exist with standard default passwordsDISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco
NET0400 - Interior routing protocols are not authenticated - 'EIGRP (Interface Check - authentication key-chain)'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET0400 - Interior routing protocols are not authenticated - 'IS-IS (Interface Check - isis authentication key-chain)'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET0400 - Interior routing protocols are not authenticated - 'OSPFv2 (Router Check)'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

IDENTIFICATION AND AUTHENTICATION

NET0425 - An Infinite Lifetime key has not been implemented - 'Ensure rotating keys are not set to accept-lifetime infinite - Key 1'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

IDENTIFICATION AND AUTHENTICATION

NET0433 - The device is not authenticated using a AAA server - 'aaa authentication login'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

IDENTIFICATION AND AUTHENTICATION

NET0433 - The device is not authenticated using a AAA server - 'line con - authentication'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

IDENTIFICATION AND AUTHENTICATION

NET0460 - Group accounts are definedDISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco
NET0720 - TCP and UDP small server services are not disabled - 'service tcp-small-servers'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

CONFIGURATION MANAGEMENT

NET0744 - BSDr commands are not disabled - rsh-enableDISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

CONFIGURATION MANAGEMENT

NET0750 - The Bootp service is not disabledDISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

CONFIGURATION MANAGEMENT

NET0770 - IP Source Routing is not disabled on all routers.DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET0890 - Network devices must restrict SNMPv2 access to the management network.DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET0890 - Network devices must restrict SNMPv3 access to the management network.DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET0894 - Network element must only allow SNMP read access - 'community RW'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

ACCESS CONTROL

NET0966 - Control plan protection is not enabled - 'Steps 1 - 3'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco
NET0986 - Routes from the two IGP domains are redistributedDISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET0987 - Managed network has access to OOBM gateway router - 'Review IP_RECEIVE_ACL'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco
NET0989 - Management traffic leaks into the managed network - 'OOBM Interface (ip access-list ACL_LIST in)'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET0992 - The management interface does not have an ACL - 'Step 3 (access-list MGMT_EGRESS_ACL deny)'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET0994 - Management interface is assigned to a user VLAN - 'access mode'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET1003 - Mgmt VLAN does not have correct IP addressDISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco
NET1006 - IPSec traffic is not restricted - 'crypto map configured on interface'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET1006 - IPSec traffic is not restricted - 'crypto map IN_BAND_MGMT_VPN - match address IN_BAND_MGMT_VPN_ACL'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET1021 - The network element must log all messages except debugging. - 'Logging trap'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

AUDIT AND ACCOUNTABILITY

NET1030 - Running and startup configurations are not synchronizedDISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco
NET1623 - Authentication required for console access - 'AUX port no exec'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

CONFIGURATION MANAGEMENT

NET1623 - Authentication required for console access - 'CON port (login authentication AUTH_LIST)'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

ACCESS CONTROL

NET1629 - The auxiliary port is not disabledDISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

CONFIGURATION MANAGEMENT

NET1638 - Management connections must be secured by FIPS 140-2 -'ssh algorithm mac'DISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

SNMPv3 CONFIG IF STATEMENTDISA STIG Cisco Infrastructure Router and L3 Switch v8r28Cisco