Item Search

NameAudit NamePluginCategory
1.1.1.6 Ensure squashfs kernel module is not availableCIS Red Hat Enterprise Linux 9 v2.0.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

1.1.1.6 Ensure squashfs kernel module is not availableCIS AlmaLinux OS 9 v2.0.0 L2 WorkstationUnix

CONFIGURATION MANAGEMENT

1.1.1.6 Ensure squashfs kernel module is not availableCIS Oracle Linux 9 v2.0.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

1.1.1.6 Ensure squashfs kernel module is not availableCIS Oracle Linux 9 v2.0.0 L2 WorkstationUnix

CONFIGURATION MANAGEMENT

1.1.1.7 Ensure squashfs kernel module is not availableCIS Ubuntu Linux 24.04 LTS v1.0.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

1.1.1.7 Ensure squashfs kernel module is not availableCIS SUSE Linux Enterprise 15 v2.0.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

1.1.1.7 Ensure squashfs kernel module is not availableCIS SUSE Linux Enterprise 15 v2.0.0 L2 WorkstationUnix

CONFIGURATION MANAGEMENT

1.5.6 Ensure NIST FIPS-validated cryptography is configured - enabledCIS Amazon Linux 2 STIG v1.0.0 L3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.7 Set default ulimit as appropriate - default-ulimitCIS Docker 1.12.0 v1.0.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.1 Ensure nftables is installedCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.1 Ensure nftables is installedCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

ALMA-09-046550 - AlmaLinux OS 9 must enable Linux audit logging for the USBGuard daemon.DISA CloudLinux AlmaLinux OS 9 STIG v1r1Unix

AUDIT AND ACCOUNTABILITY

ARST-RT-000030 - The Arista BGP router must be configured to reject inbound route advertisements for any prefixes belonging to the local autonomous system (AS).DISA STIG Arista MLS EOS 4.2x Router v2r1Arista

ACCESS CONTROL

ARST-RT-000200 - The out-of-band management (OOBM) Arista gateway router must be configured to not redistribute routes between the management network routing domain and the managed network routing domain.DISA STIG Arista MLS EOS 4.2x Router v2r1Arista

ACCESS CONTROL

AS24-W1-000010 - The Apache web server must limit the number of allowed simultaneous session requests.DISA STIG Apache Server 2.4 Windows Server v3r1Windows

ACCESS CONTROL

AS24-W1-000010 - The Apache web server must limit the number of allowed simultaneous session requests.DISA STIG Apache Server 2.4 Windows Server v2r3Windows

ACCESS CONTROL

RHEL-06-000019 - There must be no .rhosts or hosts.equiv files on the system.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000020 - The system must use a Linux Security Module configured to enforce limits on system services.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000029 - Default operating system accounts, other than root, must be locked.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000032 - The root account must be the only account having a UID of 0.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000033 - The /etc/shadow file must be owned by root.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000040 - The /etc/passwd file must be group-owned by root.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000044 - The /etc/group file must have mode 0644 or less permissive.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000045 - Library files must have mode 0755 or less permissive - '/usr/lib64/*'.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000046 - Library files must be owned by a system account - '/lib64/*'.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000046 - Library files must be owned by a system account - '/usr/local/lib64/*'.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000047 - All system command files must have mode 755 or less permissive - '/usr/local/sbin/*'DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000048 - All system command files must be owned by root - /sbin/*.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000048 - All system command files must be owned by root - /usr/sbin/*.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000054 - Users must be warned 7 days in advance of password expiration.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000056 - The system must require passwords to contain at least one numeric character - system-auth.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-06-000062 - The system must use a FIPS 140-2 approved cryptographic hashing algorithm for generating account password hashes (system-auth) - system-auth.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-06-000070 - The system must not permit interactive boot.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000079 - The system must limit the ability of processes to have simultaneous write and execute access to memory - sysctlDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000081 - The system must not send ICMPv4 redirects from any interface - configDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000083 - The system must not accept IPv4 source-routed packets on any interface - sysctlDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000084 - The system must not accept ICMPv4 redirect packets on any interface - configDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000086 - The system must not accept ICMPv4 secure redirect packets on any interface - sysctlDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000089 - The system must not accept IPv4 source-routed packets by default - configDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000090 - The system must not accept ICMPv4 secure redirect packets by default - sysctlDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000093 - The system must ignore ICMPv4 bogus error responses - sysctlDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000095 - The system must be configured to use TCP syncookies when experiencing a TCP SYN flood - sysctlDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-06-000096 - The system must use a reverse-path filter for IPv4 network traffic when possible on all interfaces - configDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000096 - The system must use a reverse-path filter for IPv4 network traffic when possible on all interfaces - sysctlDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000097 - The system must use a reverse-path filter for IPv4 network traffic when possible by default - configDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000097 - The system must use a reverse-path filter for IPv4 network traffic when possible by default - sysctlDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000120 - The systems local IPv4 firewall must implement a deny-all, allow-by-exception policy for inbound packets.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000124 - The Datagram Congestion Control Protocol (DCCP) must be disabled unless required.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000126 - The Reliable Datagram Sockets (RDS) protocol must be disabled unless required.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000138 - System logs must be rotated daily - RPM check.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT