Item Search

Name	Audit Name	Plugin	Category
1.1.2 Ensure /tmp is configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.4 Ensure nosuid option set on /tmp partition	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.8 Ensure nodev option set on /var/tmp partition	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.10 Ensure noexec option set on /var/tmp partition	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.2.1 Ensure package manager repositories are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND INFORMATION INTEGRITY
1.2.2 Ensure GPG keys are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND INFORMATION INTEGRITY
1.7.1.3 Ensure remote login warning banner is configured properly - msrv	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
2.1.1.2 Ensure ntp is configured - -u ntp:ntp	CIS Aliyun Linux 2 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
2.1.3 Ensure Avahi Server is not enabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
2.1.5 Ensure DHCP Server is not enabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
2.1.7 Ensure NFS and RPC are not enabled - nfs	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
2.1.12 Ensure Samba is not enabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
2.1.12 Ensure Samba is not enabled - status	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
2.1.13 Ensure HTTP Proxy Server is not enabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
2.1.15 Ensure mail transfer agent is configured for local-only mode - status	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
2.2.1 Ensure NIS Client is not installed	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.1.2 Ensure packet redirect sending is disabled - net.ipv4.conf.default.send_redirects	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.1 Ensure source routed packets are not accepted - sysctl net.ipv4.conf.all.accept_source_route	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.1 Ensure source routed packets are not accepted - sysctl net.ipv6.conf.default.accept_source_route	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.1 Ensure source routed packets are not accepted - sysctl.conf sysctl.d net.ipv6.conf.all.accept_source_route	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.2 Ensure ICMP redirects are not accepted - sysctl net.ipv6.conf.default.accept_redirects	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.2 Ensure ICMP redirects are not accepted - sysctl.conf sysctl.d net.ipv6.conf.default.accept_redirects	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.5.2.1 Ensure IPv6 default deny firewall policy - Chain INPUT	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.3 Ensure iptables is installed	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
4.2.1.5 Ensure remote rsyslog messages are only accepted on designated log hosts. - $ModLoad	CIS Aliyun Linux 2 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.2 Ensure rsyslog is installed	CIS Aliyun Linux 2 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
5.1.2 Ensure permissions on /etc/crontab are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.1 Ensure permissions on /etc/ssh/sshd_config are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.10 Ensure SSH root login is disabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	ACCESS CONTROL
5.2.12 Ensure SSH PermitUserEnvironment is disabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.13 Ensure only strong MAC algorithms are used	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
5.3.1 Ensure password creation requirements are configured - lcredit	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.3.1 Ensure password creation requirements are configured - minlen	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.3.1 Ensure password creation requirements are configured - passwd-auth retry	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.3.1 Ensure password creation requirements are configured - try_first_pass	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.3.2 Ensure lockout for failed password attempts is configured - password-auth 'auth required pam_faillock.so'	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.3.2 Ensure lockout for failed password attempts is configured - system-auth 'auth [success=1 default=bad] pam_unix.so'	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.3.3 Ensure password reuse is limited - password-auth	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.3.4 Ensure password hashing algorithm is SHA-512 - password-auth	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.4.1.3 Ensure password expiration warning days is 7 or more - users	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.6 Ensure access to the su command is restricted - /etc/pam.d/su	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.1.3 Ensure permissions on /etc/shadow are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
6.1.7 Ensure permissions on /etc/shadow- are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
6.1.10 Ensure no world writable files exist	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.4 Ensure no legacy "+" entries exist in /etc/group	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.5 Ensure root is the only UID 0 account	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.13 Ensure users' .netrc Files are not group or world accessible	CIS Aliyun Linux 2 L1 v1.0.0	Unix	ACCESS CONTROL
6.2.14 Ensure no users have .rhosts files	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
6.2.18 Ensure no duplicate user names exist	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
8 - Managing TLS and SSL - SSLv3 disabled	NetApp Security Hardening Guide for ONTAP 9 v1.7.0	Netapp_API	SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search