Item Search

Name	Audit Name	Plugin	Category
1.1.1 Ensure mounting of squashfs filesystems is disabled - lsmod	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.15 Ensure nodev option set on /dev/shm partition	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.2.1 Ensure package manager repositories are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND INFORMATION INTEGRITY
1.4.2 Ensure authentication required for single user mode - rescue.service	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.5.1 Ensure core dumps are restricted - sysctl	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.7.1.1 Ensure message of the day is configured properly - msrv	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.7.1.3 Ensure remote login warning banner is configured properly - banner check	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.7.1.6 Ensure permissions on /etc/issue.net are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.8 Ensure updates, patches, and additional security software are installed	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND INFORMATION INTEGRITY
2 - Specify file handler in jetty-logging.properties files - org.eclipse.jetty.websocket.LEVEL=DEBUG	TNS Best Practice Jetty 9 Linux	Unix	AUDIT AND ACCOUNTABILITY
2.1.1.2 Ensure ntp is configured - -u ntp:ntp	CIS Aliyun Linux 2 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
2.1.1.2 Ensure ntp is configured - NTP server/pool	CIS Aliyun Linux 2 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
2.1.6 Ensure LDAP server is not enabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
2.1.9 Ensure FTP Server is not enabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
2.1.13 Ensure HTTP Proxy Server is not enabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
2.1.14 Ensure SNMP Server is not enabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
2.1.17 Ensure rsh server is not enabled - rexec.socket status	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
2.1.19 Ensure tftp server is not enabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.1.1 Ensure IP forwarding is disabled - sysctl.conf sysctl.d	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.2 Ensure ICMP redirects are not accepted - sysctl.conf sysctl.d net.ipv4.conf.all.accept_redirects	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.3 Ensure secure ICMP redirects are not accepted - sysctl.conf sysctl.d net.ipv4.conf.default.secure_redirects	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.7 Ensure Reverse Path Filtering is enabled - sysctl.conf sysctl.d net.ipv4.conf.default.rp_filter	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.2 Ensure /etc/hosts.allow is configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.3.3 Ensure /etc/hosts.deny is configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.1.1 Ensure default deny firewall policy - Chain OUTPUT	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.1.2 Ensure loopback traffic is configured - input	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
5.2.3 Ensure the maximum buffer size for URIs is defined	CIS NGINX Benchmark v2.1.0 L1 Loadbalancer	Unix	SYSTEM AND SERVICES ACQUISITION
5.2.3 Ensure the maximum buffer size for URIs is defined	CIS NGINX Benchmark v2.1.0 L1 Proxy	Unix	SYSTEM AND SERVICES ACQUISITION
5.2.3 Ensure the maximum buffer size for URIs is defined	CIS NGINX Benchmark v2.1.0 L1 Webserver	Unix	SYSTEM AND SERVICES ACQUISITION
CIS_Amazon_Linux_2_STIG_v1.0.0_L2.audit from CIS Amazon Linux 2 STIG Benchmark v1.0.0	CIS Amazon Linux 2 STIG v1.0.0 L2	Unix
CISC-ND-000110 - The Cisco switch must be configured to automatically audit account disabling actions.	DISA STIG Cisco NX-OS Switch NDM v3r2	Cisco	ACCESS CONTROL
CISC-ND-000120 - The Cisco switch must be configured to automatically audit account removal actions.	DISA STIG Cisco NX-OS Switch NDM v3r2	Cisco	ACCESS CONTROL
CISC-ND-001140 - The Cisco router must be configured to encrypt SNMP messages using a FIPS 140-2 approved algorithm.	DISA STIG Cisco IOS Router NDM v3r2	Cisco	ACCESS CONTROL
CISC-ND-001140 - The Cisco switch must be configured to encrypt SNMP messages using a FIPS 140-2 approved algorithm.	DISA STIG Cisco IOS XE Switch NDM v3r2	Cisco	ACCESS CONTROL
CISC-ND-001140 - The Cisco switch must be configured to encrypt SNMP messages using a FIPS 140-2 approved algorithm.	DISA STIG Cisco IOS Switch NDM v3r2	Cisco	ACCESS CONTROL
Configuration files should be secured against unauthorized access.	TNS IBM HTTP Server Best Practice Middleware	Unix
Configuration files should be secured against unauthorized access.	TNS IBM HTTP Server Best Practice	Windows
Configuration files should be secured against unauthorized access.	TNS IBM HTTP Server Best Practice	Unix
Encryption type for password protected Office Open XML files	MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
ip dhcp snooping information option circuit-id type 2 format	DISA STIG Arista MLS EOS 4.2x L2S v2r1	Arista
Logs containing auditing information should be secured at the directory level.	TNS IBM HTTP Server Best Practice Middleware	Unix	AUDIT AND ACCOUNTABILITY
Logs containing auditing information should be secured at the directory level.	TNS IBM HTTP Server Best Practice	Unix	AUDIT AND ACCOUNTABILITY
rsyslog.service	CIS Amazon Linux 2 v3.0.0 L1	Unix
shadow inactive password lock	CIS Amazon Linux 2 v3.0.0 L1	Unix
smb.service enabled	CIS Amazon Linux 2 v3.0.0 L1	Unix
system-auth	CIS Amazon Linux 2 v3.0.0 L1	Unix
systemctl status aidecheck.timer	CIS Amazon Linux 2 v3.0.0 L1	Unix
telnet-server is installed	CIS Amazon Linux 2 v3.0.0 L1	Unix
tftp.socket tftp.service enabled	CIS Amazon Linux 2 v3.0.0 L1	Unix
yum.repos.d configuration is set correctly	CIS Amazon Linux 2 v3.0.0 L1	Unix

Detections

Analytics

Item Search