Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.1 Enable Secure Admin Access - 'ssh.access has been configured'TNS NetApp Data ONTAP 7GNetApp

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.5 Review Application Firewall RulesCIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.6.5 Review Application Firewall RulesCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.8 Protocol Access Controls - 'interface.blocked.mgmt_data_traffic = on'TNS NetApp Data ONTAP 7GNetApp

SYSTEM AND COMMUNICATIONS PROTECTION

2.8 Protocol Access Controls - 'interface.blocked.nfs is not blank'TNS NetApp Data ONTAP 7GNetApp

SYSTEM AND COMMUNICATIONS PROTECTION

2.8 Protocol Access Controls - 'interface.blocked.snapmirror is not blank'TNS NetApp Data ONTAP 7GNetApp

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.1 Ensure IP forwarding is disabled (sysctl exec)CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.1 Ensure IP forwarding is disabled (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.2 Ensure packet redirect sending is disabled - 'sysctl net.ipv4.conf.all.send_redirects'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.2 Ensure packet redirect sending is disabled - 'sysctl net.ipv4.conf.default.send_redirects'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.2 Ensure ICMP redirects are not accepted - 'sysctl net.ipv4.conf.all.accept_redirects'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.5 Ensure broadcast ICMP requests are ignored (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.6 Ensure bogus ICMP responses are ignored (sysctl exec)CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.7 Ensure Reverse Path Filtering is enabled - 'net.ipv4.conf.all.rp_filter' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.7 Ensure Reverse Path Filtering is enabled - 'net.ipv4.conf.default.rp_filter' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.7 Ensure Reverse Path Filtering is enabled - 'sysctl net.ipv4.conf.all.rp_filter'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.8 Ensure TCP SYN Cookies is enabled (sysctl exec)CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.all.accept_ra' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.all.accept_ra' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.default.accept_ra' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.2 Ensure IPv6 redirects are not accepted - 'sysctl net.ipv6.conf.all.accept_redirects'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.2 Ensure IPv6 redirects are not accepted - 'sysctl net.ipv6.conf.default.accept_redirects'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.3 Ensure ufw service is enabled - ufwCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.4 Ensure ufw loopback traffic is configured - v6CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.2 Ensure ufw is uninstalled or disabled with nftablesCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.4 Ensure a nftables table existsCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.5 Ensure nftables base chains exist - forwardCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.5 Ensure nftables base chains exist - outputCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.8 Ensure nftables default deny firewall policy - forwardCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.8 Ensure nftables default deny firewall policy - outputCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.10 Ensure nftables rules are permanentCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.1.1 Ensure iptables packages are installed - iptables-persistentCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2.1 Ensure iptables default deny firewall policy - 'Chain FORWARD'CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.3.2 Ensure ip6tables loopback traffic is configuredCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.3.4 Ensure ip6tables firewall rules exist for all open portsCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2 Ensure default deny firewall policy - 'Chain FORWARD'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2 Ensure default deny firewall policy - 'Chain OUTPUT'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.1 Ensure IPv4 default deny firewall policy - FORWARDCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.1 Ensure IPv4 default deny firewall policy - INPUTCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.1 Ensure IPv4 default deny firewall policy - OUTPUTCIS Oracle Linux 6 Server L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.2 Ensure IPv4 loopback traffic is configured - INPUTCIS Red Hat 6 Server L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.2.3 Ensure IPv4 outbound and established connections are configuredCIS Red Hat 6 Server L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.1 Ensure IPv6 default deny firewall policy - FORWARDCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.1 Ensure IPv6 default deny firewall policy - OUTPUTCIS Red Hat 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.1 Ensure IPv6 default deny firewall policy - OUTPUTCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.2 Ensure IPv6 loopback traffic is configured - INPUTCIS Red Hat 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.2 Ensure IPv6 loopback traffic is configured - OUTPUTCIS Oracle Linux 6 Server L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.4 Ensure IPv6 firewall rules exist for all open ports - ssCIS Red Hat 6 Workstation L1 v3.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

7.1.3 Ensure that the Promiscuous Mode policy is set to rejectCIS VMware ESXi 5.1 v1.0.1 Level 1VMware

SYSTEM AND COMMUNICATIONS PROTECTION

9.3.6 Ensure 'Windows Firewall: Public: Settings: Apply local connection security rules' is set to 'No'CIS Windows 7 Workstation Level 1 v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION