Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1 Ensure mounting of squashfs filesystems is disabled - lsmodCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.15 Ensure nodev option set on /dev/shm partitionCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.2.1 Ensure package manager repositories are configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.4.2 Ensure authentication required for single user mode - rescue.serviceCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.5.1 Ensure core dumps are restricted - sysctlCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.7.1.1 Ensure message of the day is configured properly - msrvCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.7.1.3 Ensure remote login warning banner is configured properly - banner checkCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.7.1.6 Ensure permissions on /etc/issue.net are configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.8 Ensure updates, patches, and additional security software are installedCIS Aliyun Linux 2 L1 v1.0.0Unix

SYSTEM AND INFORMATION INTEGRITY

2.1.1.2 Ensure ntp is configured - -u ntp:ntpCIS Aliyun Linux 2 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

2.1.1.2 Ensure ntp is configured - NTP server/poolCIS Aliyun Linux 2 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

2.1.6 Ensure LDAP server is not enabledCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.9 Ensure FTP Server is not enabledCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.13 Ensure HTTP Proxy Server is not enabledCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.14 Ensure SNMP Server is not enabledCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.17 Ensure rsh server is not enabled - rexec.socket statusCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.19 Ensure tftp server is not enabledCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.1.1 Ensure IP forwarding is disabled - sysctl.conf sysctl.dCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.2 Ensure ICMP redirects are not accepted - sysctl.conf sysctl.d net.ipv4.conf.all.accept_redirectsCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.3 Ensure secure ICMP redirects are not accepted - sysctl.conf sysctl.d net.ipv4.conf.default.secure_redirectsCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.7 Ensure Reverse Path Filtering is enabled - sysctl.conf sysctl.d net.ipv4.conf.default.rp_filterCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.2 Ensure /etc/hosts.allow is configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.3 Ensure /etc/hosts.deny is configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.1 Ensure default deny firewall policy - Chain OUTPUTCIS Aliyun Linux 2 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.2 Ensure loopback traffic is configured - inputCIS Aliyun Linux 2 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

4.2.3 Ensure permissions on all logfiles are configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.1.1 Ensure cron daemon is enabledCIS Aliyun Linux 2 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.3 Ensure permissions on /etc/cron.hourly are configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.1.7 Ensure permissions on /etc/cron.d are configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.1.8 Ensure at/cron is restricted to authorized users - cron.denyCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.2.1 Ensure permissions on /etc/ssh/sshd_config are configuredCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.2.10 Ensure SSH root login is disabledCIS Aliyun Linux 2 L1 v1.0.0Unix

ACCESS CONTROL

5.2.11 Ensure SSH PermitEmptyPasswords is disabledCIS Aliyun Linux 2 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.2.18 Ensure SSH access is limitedCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.3.1 Ensure password creation requirements are configured - lcreditCIS Aliyun Linux 2 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.3.1 Ensure password creation requirements are configured - try_first_passCIS Aliyun Linux 2 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.3.2 Ensure lockout for failed password attempts is configured - password-auth 'auth [default=die] pam_faillock.so'CIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.3.2 Ensure lockout for failed password attempts is configured - system-auth 'auth required pam_faillock.so'CIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.3.3 Ensure password reuse is limited - system-authCIS Aliyun Linux 2 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1.1 Ensure password expiration is 365 days or less - usersCIS Aliyun Linux 2 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1.2 Ensure minimum days between password changes is 7 or more - login.defsCIS Aliyun Linux 2 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1.5 Ensure all users last password change date is in the pastCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

CASA-VN-000240 - The Cisco ASA must be configured to use FIPS-validated SHA-2 or higher for Internet Key Exchange (IKE) Phase 2.DISA STIG Cisco ASA VPN v2r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

Encryption type for password protected Office Open XML filesMSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Encryption type for password protected Office Open XML filesMSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

system-auth preauth unlock_timeCIS Amazon Linux 2 v3.0.0 L1Unix
systemctl is-active firewalldCIS Amazon Linux 2 v3.0.0 L1Unix
systemctl is-active nftablesCIS Amazon Linux 2 v3.0.0 L1Unix
telnet.socket enabledCIS Amazon Linux 2 v3.0.0 L1Unix
ucreditCIS Amazon Linux 2 v3.0.0 L1Unix