Item Search

NameAudit NamePluginCategory
1.1.1.2 Ensure mounting of squashfs filesystems is disabled - lsmodCIS Fedora 19 Family Linux Workstation L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.1.2 Ensure mounting of squashfs filesystems is disabled - modprobeCIS Fedora 19 Family Linux Server L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.1.4 Ensure mounting of FAT filesystems is limited - modprobe vfatCIS Fedora 19 Family Linux Workstation L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.9 Ensure nosuid option set on /var/tmp partitionCIS Debian Family Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.10 Ensure separate partition exists for /varCIS Fedora 19 Family Linux Server L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.5.1 Ensure bootloader password is set - superusersCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.5.2 Ensure permissions on bootloader config are configured - /boot/grub2/user.cfgCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.8.1.2 Ensure local login warning banner is configured properlyCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.10 Ensure GDM is removed or login is configured - banner message enabledCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.1 Ensure IP forwarding is disabled - sysctl.conf ipv6CIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.2 Ensure packet redirect sending is disabled - systctl net.ipv4.conf.all.send_redirectsCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.1 Ensure source routed packets are not accepted - 'net.ipv4.conf.all.accept_source_route = 0'CIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.1 Ensure source routed packets are not accepted - 'net.ipv6.conf.all.accept_source_route = 0'CIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.1 Ensure source routed packets are not accepted - sysctl net.ipv4.conf.all.accept_source_routeCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.1 Ensure source routed packets are not accepted - sysctl net.ipv6.conf.all.accept_source_routeCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.2 Ensure ICMP redirects are not accepted - 'net.ipv4.conf.all.accept_redirects = 0'CIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.2 Ensure ICMP redirects are not accepted - 'net.ipv4.conf.default.accept_redirects = 0'CIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.2 Ensure ICMP redirects are not accepted - 'net.ipv6.conf.all.accept_redirects = 0'CIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.2 Ensure ICMP redirects are not accepted - 'net.ipv6.conf.default.accept_redirects = 0'CIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.2 Ensure ICMP redirects are not accepted - sysctl net.ipv6.conf.default.accept_redirectsCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.3 Ensure secure ICMP redirects are not accepted - 'net.ipv4.conf.all.secure_redirects = 0'CIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.3 Ensure secure ICMP redirects are not accepted - 'net.ipv4.conf.default.secure_redirects = 0'CIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.3 Ensure secure ICMP redirects are not accepted - sysctl net.ipv4.conf.all.secure_redirectsCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.3 Ensure secure ICMP redirects are not accepted - sysctl net.ipv4.conf.default.secure_redirectsCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.7 Ensure Reverse Path Filtering is enabled - net.ipv4.conf.all.rp_filter = 0CIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.7 Ensure Reverse Path Filtering is enabled - sysctl net.ipv4.conf.default.rp_filterCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.9 Ensure IPv6 router advertisements are not accepted - net.ipv6.conf.default.accept_ra = 0CIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.9 Ensure IPv6 router advertisements are not accepted - sysctl net.ipv6.conf.all.accept_raCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.3 Ensure events that modify date and time information are collected - 'adjtimex 64bit'CIS Fedora 19 Family Linux Server L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.3 Ensure events that modify date and time information are collected - 'auditctl adjtimex'CIS Fedora 19 Family Linux Workstation L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - /usr/share/selinux/CIS Fedora 19 Family Linux Server L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - /usr/share/selinux/CIS Fedora 19 Family Linux Workstation L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/apparmor.d/CIS Fedora 19 Family Linux Server L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/apparmor/CIS Fedora 19 Family Linux Workstation L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.9 Ensure discretionary access control permission modification events are collected - auditctl b32 chmod fchmodCIS Fedora 19 Family Linux Workstation L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.9 Ensure discretionary access control permission modification events are collected - auditctl b32 setxattrCIS Fedora 19 Family Linux Workstation L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.9 Ensure discretionary access control permission modification events are collected - b64 setxattrCIS Fedora 19 Family Linux Workstation L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - /etc/audit/rules.d insmodCIS Fedora 19 Family Linux Server L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - /etc/audit/rules.d modprobeCIS Fedora 19 Family Linux Server L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - /etc/audit/rules.d modulesCIS Fedora 19 Family Linux Workstation L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - /etc/audit/rules.d rmmodCIS Fedora 19 Family Linux Server L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - auditctl modulesCIS Fedora 19 Family Linux Workstation L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.2.12 Ensure SSH PermitUserEnvironment is disabledCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.2.19 Ensure SSH PAM is enabledCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.2.22 Ensure SSH MaxSessions is limitedCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.6 Ensure access to the su command is restricted - wheelCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

6.1.14 Audit SGID executablesCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

6.2.3 Ensure root is the only UID 0 accountCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

6.2.5 Ensure all users' home directories existCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

6.2.9 Ensure no users have .forward filesCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT