Item Search

Name	Audit Name	Plugin	Category
1.1.1.2 Ensure mounting of squashfs filesystems is disabled - lsmod	CIS Fedora 19 Family Linux Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.2 Ensure mounting of squashfs filesystems is disabled - modprobe	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.4 Ensure mounting of FAT filesystems is limited - modprobe vfat	CIS Fedora 19 Family Linux Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.9 Ensure nosuid option set on /var/tmp partition	CIS Debian Family Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.10 Ensure separate partition exists for /var	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.5.1 Ensure bootloader password is set - superusers	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.5.2 Ensure permissions on bootloader config are configured - /boot/grub2/user.cfg	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.8.1.2 Ensure local login warning banner is configured properly	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.10 Ensure GDM is removed or login is configured - banner message enabled	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.1 Ensure IP forwarding is disabled - sysctl.conf ipv6	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.2 Ensure packet redirect sending is disabled - systctl net.ipv4.conf.all.send_redirects	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.1 Ensure source routed packets are not accepted - 'net.ipv4.conf.all.accept_source_route = 0'	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.1 Ensure source routed packets are not accepted - 'net.ipv6.conf.all.accept_source_route = 0'	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.1 Ensure source routed packets are not accepted - sysctl net.ipv4.conf.all.accept_source_route	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.1 Ensure source routed packets are not accepted - sysctl net.ipv6.conf.all.accept_source_route	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.2 Ensure ICMP redirects are not accepted - 'net.ipv4.conf.all.accept_redirects = 0'	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.2 Ensure ICMP redirects are not accepted - 'net.ipv4.conf.default.accept_redirects = 0'	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.2 Ensure ICMP redirects are not accepted - 'net.ipv6.conf.all.accept_redirects = 0'	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.2 Ensure ICMP redirects are not accepted - 'net.ipv6.conf.default.accept_redirects = 0'	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.2 Ensure ICMP redirects are not accepted - sysctl net.ipv6.conf.default.accept_redirects	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.3 Ensure secure ICMP redirects are not accepted - 'net.ipv4.conf.all.secure_redirects = 0'	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.3 Ensure secure ICMP redirects are not accepted - 'net.ipv4.conf.default.secure_redirects = 0'	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.3 Ensure secure ICMP redirects are not accepted - sysctl net.ipv4.conf.all.secure_redirects	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.3 Ensure secure ICMP redirects are not accepted - sysctl net.ipv4.conf.default.secure_redirects	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.7 Ensure Reverse Path Filtering is enabled - net.ipv4.conf.all.rp_filter = 0	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.7 Ensure Reverse Path Filtering is enabled - sysctl net.ipv4.conf.default.rp_filter	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.9 Ensure IPv6 router advertisements are not accepted - net.ipv6.conf.default.accept_ra = 0	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.9 Ensure IPv6 router advertisements are not accepted - sysctl net.ipv6.conf.all.accept_ra	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.3 Ensure events that modify date and time information are collected - 'adjtimex 64bit'	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.3 Ensure events that modify date and time information are collected - 'auditctl adjtimex'	CIS Fedora 19 Family Linux Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - /usr/share/selinux/	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - /usr/share/selinux/	CIS Fedora 19 Family Linux Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/apparmor.d/	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/apparmor/	CIS Fedora 19 Family Linux Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.9 Ensure discretionary access control permission modification events are collected - auditctl b32 chmod fchmod	CIS Fedora 19 Family Linux Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.9 Ensure discretionary access control permission modification events are collected - auditctl b32 setxattr	CIS Fedora 19 Family Linux Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.9 Ensure discretionary access control permission modification events are collected - b64 setxattr	CIS Fedora 19 Family Linux Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - /etc/audit/rules.d insmod	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - /etc/audit/rules.d modprobe	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - /etc/audit/rules.d modules	CIS Fedora 19 Family Linux Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - /etc/audit/rules.d rmmod	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl modules	CIS Fedora 19 Family Linux Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.12 Ensure SSH PermitUserEnvironment is disabled	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.19 Ensure SSH PAM is enabled	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.22 Ensure SSH MaxSessions is limited	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.6 Ensure access to the su command is restricted - wheel	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.1.14 Audit SGID executables	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.3 Ensure root is the only UID 0 account	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.5 Ensure all users' home directories exist	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.9 Ensure no users have .forward files	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search