Detections
Analytics

Item Search

NameAudit NamePluginCategory
4.4.2.3.4 Ensure pam_pwhistory includes use_authtokCIS Amazon Linux 2 v3.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.5.1.5 Ensure all users last password change date is in the pastCIS Amazon Linux 2 v3.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

4.5.2.2 Ensure root user umask is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.5.3.3 Ensure default user umask is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.1.2 Ensure rsyslog service is enabledCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

6.1.4 Ensure permissions on /etc/group- are configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

6.1.10 Ensure permissions on /etc/security/opasswd are configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

6.2.5 Ensure no duplicate GIDs existCIS Amazon Linux 2 v3.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

6.2.7 Ensure no duplicate group names existCIS Amazon Linux 2 v3.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

6.2.10 Ensure local interactive user home directories are configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

aidecheck.service is enabledCIS Amazon Linux 2 v3.0.0 L1Unix
bluetooth.service activeCIS Amazon Linux 2 v3.0.0 L1Unix
Chain FORWARDCIS Amazon Linux 2 v3.0.0 L1Unix
Chain OUTPUTCIS Amazon Linux 2 v3.0.0 L1Unix
Check for crontab aideCIS Amazon Linux 2 v3.0.0 L1Unix
Check if cronie is installedCIS Amazon Linux 2 v3.0.0 L1Unix
ClientAliveCountMax is greater than 0CIS Amazon Linux 2 v3.0.0 L1Unix
dns services existCIS Amazon Linux 2 v3.0.0 L1Unix
dnsmasq services existCIS Amazon Linux 2 v3.0.0 L1Unix
Ensure no file named /etc/pam.d/password-auth exists and matches patternCIS Amazon Linux 2 v3.0.0 L1Unix
Grub configurationCIS Amazon Linux 2 v3.0.0 L1Unix
hook forwardCIS Amazon Linux 2 v3.0.0 L1Unix
hook inputCIS Amazon Linux 2 v3.0.0 L1Unix
httpd.socket httpd.service nginx.service activeCIS Amazon Linux 2 v3.0.0 L1Unix
ip dhcp snooping information option circuit-id type 2 formatDISA STIG Arista MLS EOS 4.2x L2S v2r1Arista
iptables activeCIS Amazon Linux 2 v3.0.0 L1Unix
iptables Chain FORWARDCIS Amazon Linux 2 v3.0.0 L1Unix
iptables installedCIS Amazon Linux 2 v3.0.0 L1Unix
journald check - activeCIS Amazon Linux 2 v3.0.0 L1Unix
KeyCIS Amazon Linux 2 v3.0.0 L1Unix
mrsv not included in /etc/issueCIS Amazon Linux 2 v3.0.0 L1Unix
net-snmp is installedCIS Amazon Linux 2 v3.0.0 L1Unix
New format module load imtcpCIS Amazon Linux 2 v3.0.0 L1Unix
nft list ruleset - ct stateCIS Amazon Linux 2 v3.0.0 L1Unix
nginx services exist on the systemCIS Amazon Linux 2 v3.0.0 L1Unix
password-auth authfailCIS Amazon Linux 2 v3.0.0 L1Unix
password-auth preauth denyCIS Amazon Linux 2 v3.0.0 L1Unix
password-auth preauth unlock_timeCIS Amazon Linux 2 v3.0.0 L1Unix
rpcbind.socket rpcbind.service enabledCIS Amazon Linux 2 v3.0.0 L1Unix
rsyslog check - enabledCIS Amazon Linux 2 v3.0.0 L1Unix
rsyslog.serviceCIS Amazon Linux 2 v3.0.0 L1Unix
Running configurationCIS Amazon Linux 2 v3.0.0 L1Unix
shadow inactive password lockCIS Amazon Linux 2 v3.0.0 L1Unix
smb.service enabledCIS Amazon Linux 2 v3.0.0 L1Unix
system-authCIS Amazon Linux 2 v3.0.0 L1Unix
systemctl status aidecheck.timerCIS Amazon Linux 2 v3.0.0 L1Unix
telnet-server is installedCIS Amazon Linux 2 v3.0.0 L1Unix
tftp.socket tftp.service enabledCIS Amazon Linux 2 v3.0.0 L1Unix
Verify that the dictcheck option is not set to 0 (disabled) as a module argument in a PAM fileCIS Amazon Linux 2 v3.0.0 L1Unix
yum.repos.d configuration is set correctlyCIS Amazon Linux 2 v3.0.0 L1Unix