Item Search

Name	Audit Name	Plugin	Category
GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - /etc/passwd halt'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
GEN000251 - The time synchronization configuration file (such as /etc/ntp.conf) must be group-owned by root, bin, or sys - such as /etc/ntp.conf must be group-owned by root, bin, sys, or system.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN000252 - The time synchronization configuration file (such as /etc/ntp.conf) must have mode 0640 or less permissive.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN000920 - The root accounts home directory (other than /) must have mode 0700 or less permissive - other than / must have mode 0700.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN001280 - Manual page files must have mode 0644 or less permissive - '/usr/share/man/*'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN001290 - All manual page files must not have extended ACLs - '/usr/share/man'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN001378 - The /etc/passwd file must be owned by root.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN001394 - The /etc/group file must not have an extended ACL.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN001440 - All interactive users must be assigned a home directory in the /etc/passwd file.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN001480 - All user home directories must have mode 0750 or less permissive.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN001570 - All files and directories contained in user home directories must not have extended ACLs.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN002320 - Audio devices must have mode 0660 or less permissive - '/dev/audio*'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN002330 - Audio devices must not have extended ACLs - '/dev/snd/*'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN002360 - Audio devices must be group-owned by root, sys, bin, or system - '/dev/audio*'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN002360 - Audio devices must be group-owned by root, sys, bin, or system - '/dev/snd/*'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN002540 - All public directories must be group-owned by root, sys, bin, or an application group.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN003440 - At jobs must not set the umask to a value less restrictive than 077 - At jobs must not set the umask to a value less restrictive than 077.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN004220 - Administrative accounts must not run a web browser, except as needed for local service administration.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN004400 - Files executed through a mail aliases file must be owned by root and must reside within a directory owned and writable only by root.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN004410 - Files executed through a mail aliases file must be group-owned by root, bin, sys, or system, and must reside within a directory group-owned by root, bin, sys, or system.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN004420 - Files executed through a mail aliases file must have mode 0755 or less permissive.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN004880 - The ftpusers file must exist.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN004930 - The ftpusers file must be group-owned by root, bin, sys, or system - '/etc/ftpusers'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN004940 - The ftpusers file must have mode 0640 or less permissive - '/etc/ftpusers'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN004940 - The ftpusers file must have mode 0640 or less permissive - '/etc/vsftpd.ftpusers'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN004950 - The ftpusers file must not have an extended ACL - '/etc/vsftpd.ftpusers'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN005000 - Anonymous FTP accounts must not have a functional shell.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN005040 - All FTP users must have a default umask of 077 - '/etc/vsftpd/vsftpd.conf anon_umask'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN005100 - The TFTP daemon must have mode 0755 or less permissive.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN005200 - X displays must not be exported to the world.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN005240 - The .Xauthority utility must only permit access to authorized hosts.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN005390 - The /etc/syslog.conf file must have mode 0640 or less permissive - /etc/rsyslog.conf	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN005522 - The SSH public host key files must have mode 0644 or less permissive.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN005536 - The SSH daemon must perform strict mode checking of home directory configuration files.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN005750 - The Network File System (NFS) export configuration file must be group-owned by root, bin, sys, or system.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN005760 - The Network File System (NFS) export configuration file must have mode 0644 or less permissive.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN005770 - The Network File System (NFS) exports configuration file must not have an extended ACL.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
GEN005900 - The nosuid option must be enabled on all Network File System (NFS) client mounts.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN006140 - The /etc/smb.conf file must have mode 0644 or less permissive.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN006180 - The smbpasswd file must be group-owned by root - '/etc/samba/passdb.tdb'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN006200 - The smbpasswd file must have mode 0600 or less permissive - '/etc/samba/secrets.tdb'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN006210 - The /etc/smbpasswd file must not have an extended ACL - '/etc/samba/secrets.tdb'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN006280 - The /etc/news/infeed.conf (or equivalent) must have mode 0600 or less permissive.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN006300 - The /etc/news/readers.conf (or equivalent) must have mode 0600 or less permissive - or equivalent must have mode 0600 or less permissive	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN006310 - The /etc/news/nnrp.access file must not have an extended ACL.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN006320 - The /etc/news/passwd.nntp file (or equivalent) must have mode 0600 or less permissive.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN006360 - The files in /etc/news must be group-owned by root or news.	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN008140 - If the system is using LDAP for authentication or account information, the TLS certificate authority file and/or directory (as appropriate) must be owned by root - '/etc/ssl/ca.cert'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN008160 - If the system is using LDAP for authentication or account information, the TLS certificate authority file and/or directory (as appropriate) must be group-owned by root, bin, sys, or system - '/etc/ssl/certs'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN008180 - If the system is using LDAP for authentication or account information, the TLS certificate authority file and/or directory (as appropriate) must have mode 0644 (0755 for directories) or less permissive - '/etc/ssl/certs'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search