Item Search

Name	Audit Name	Plugin	Category
GEN000000-AIX00080 - The SYSTEM attribute must not be set to NONE for any account.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
GEN000000-AIX0320 - The /etc/ftpaccess.ctl file must be owned by root.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN000000-AIX0350 - The /etc/ftpaccess.ctl file must not have an extended ACL.	DISA STIG AIX 6.1 v1r14	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - '/etc/passwd - halt'	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - '/etc/passwd - shutdown'	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - '/etc/shadow - reboot'	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - '/etc/shadow - shutdown'	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
GEN000000-LNX00400 - The /etc/security/access.conf file must be owned by root.	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN000000-LNX00420 - The /etc/security/access.conf file must have a privileged group owner.	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN000000-LNX00440 - The /etc/security/access.conf file must have mode 0640 or less permissive.	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN000000-LNX00450 - The /etc/security/access.conf file must not have an extended ACL.	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN000000-LNX00560 - The Linux NFS Server must not have the insecure file locking option.	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
GEN000000-LNX00600 - PAM system must not grant sole access to admin privileges to the first user who logs into the console.	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN000000-LNX00640 - The /etc/securetty file must be owned by root.	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN000000-LNX00660 - The /etc/securetty file must have mode 0640 or less permissive.	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN001475 - The /etc/group file must not contain any group password hashes.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN001490 - User home directories must not have extended ACLs.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN001520 - All interactive user home directories must be group-owned by the home directory owners primary group.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN001560 - All files and directories contained in user home directories must have mode 0750 or less permissive.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN002280 - Device files and directories must only be writable by users with a system account or as configured by the vendor.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN002320 - Audio devices must have mode 0660 or less permissive - '/dev/snd/*'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN002330 - Audio devices must not have extended ACLs - '/dev/audio*'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN002340 - Audio devices must be owned by root - '/dev/audio*'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN002420 - Removable media, remote file systems, and any file system not containing approved setuid files must be mounted with the nosuid option - nosuid option.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN004430 - Files executed through a mail aliases file must not have extended ACLs.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN004510 - The SMTP service log file must not have an extended ACL.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN004920 - The ftpusers file must be owned by root - '/etc/vsftpd.ftpusers'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN004920 - The ftpusers file must be owned by root - '/etc/vsftpd/ftpusers'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN004930 - The ftpusers file must be group-owned by root, bin, sys, or system - '/etc/vsftpd.ftpusers'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN004950 - The ftpusers file must not have an extended ACL - '/etc/ftpusers'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN005040 - All FTP users must have a default umask of 077 - '/etc/xinetd.d/gssftp'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN005120 - The TFTP daemon must be configured to vendor specifications, including a dedicated TFTP user account, a non-login shell such as /bin/false, and a home directory owned by the TFTP user.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN005140 - Any active TFTP daemon must be authorized and approved in the system accreditation package.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN005180 - All .Xauthority files must have mode 0600 or less permissive.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN005340 - Management Information Base (MIB) files must have mode 0640 or less permissive.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN005350 - Management Information Base (MIB) files must not have extended ACLs.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN005360 - The snmpd.conf file must be owned by root.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN005375 - The snmpd.conf file must not have an extended ACL.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN005390 - The /etc/syslog.conf file must have mode 0640 or less permissive - /etc/syslog.conf	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN005420 - The /etc/syslog.conf file must be group-owned by root, bin, sys, or system.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN005537 - The SSH daemon must use privilege separation.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN005740 - The Network File System (NFS) export configuration file must be owned by root.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN005800 - All Network File System (NFS) exported system files and system directories must be owned by root.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN006160 - The /etc/smbpasswd file must be owned by root - '/etc/samba/passdb.tdb'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN006220 - The smb.conf file must use the hosts option to restrict access to Samba - hosts option to restrict access to Samba.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN008080 - If the system is using LDAP for authentication or account information, the /etc/ldap.conf (or equivalent) file must be owned by root - or equivalent file must be owned by root.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN008160 - If the system is using LDAP for authentication or account information, the TLS certificate authority file and/or directory (as appropriate) must be group-owned by root, bin, sys, or system - '/etc/ssl/'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN008180 - If the system is using LDAP for authentication or account information, the TLS certificate authority file and/or directory (as appropriate) must have mode 0644 (0755 for directories) or less permissive - '/etc/ssl/ca.cert'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN008220 - For systems using NSS LDAP, the TLS certificate file must be owned by root - ''/etc/openldap/cacerts/cert.pem	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN008320 - If the system is using LDAP for authentication or account information, the LDAP TLS key file must be group-owned by root, bin, or sys - '/etc/openldap/cacerts/key.pem'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search