Item Search

Name	Audit Name	Plugin	Category
'mail.err /var/log/mail.err'	CIS Amazon Linux 2 v3.0.0 L1	Unix
1.1.1.3 Ensure hfs kernel module is not available	CIS Amazon Linux 2 v3.0.0 L1	Unix	CONFIGURATION MANAGEMENT
1.1.2.4.2 Ensure nodev option set on /var partition	CIS Amazon Linux 2 v3.0.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.2.2 Ensure gpgcheck is globally activated	CIS Amazon Linux 2 v3.0.0 L1	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.5.1.6 Ensure no unconfined services exist	CIS Amazon Linux 2 v3.0.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.6.1 Ensure message of the day is configured properly	CIS Amazon Linux 2 v3.0.0 L1	Unix	ACCESS CONTROL
2.1.3 Ensure chrony is not run as the root user	CIS Amazon Linux 2 v3.0.0 L1	Unix	ACCESS CONTROL
2.2.1 Ensure autofs services are not in use	CIS Amazon Linux 2 v3.0.0 L1	Unix	MEDIA PROTECTION
2.2.4 Ensure dns server services are not in use	CIS Amazon Linux 2 v3.0.0 L1	Unix	CONFIGURATION MANAGEMENT
2.2.8 Ensure message access server services are not in use	CIS Amazon Linux 2 v3.0.0 L1	Unix	CONFIGURATION MANAGEMENT
2.2.18 Ensure web server services are not in use	CIS Amazon Linux 2 v3.0.0 L1	Unix	CONFIGURATION MANAGEMENT
2.2.19 Ensure xinetd services are not in use	CIS Amazon Linux 2 v3.0.0 L1	Unix	CONFIGURATION MANAGEMENT
3.1.3 Ensure bluetooth services are not in use	CIS Amazon Linux 2 v3.0.0 L1	Unix	CONFIGURATION MANAGEMENT
3.3.6 Ensure secure icmp redirects are not accepted	CIS Amazon Linux 2 v3.0.0 L1	Unix	CONFIGURATION MANAGEMENT
3.3.7 Ensure reverse path filtering is enabled	CIS Amazon Linux 2 v3.0.0 L1	Unix	CONFIGURATION MANAGEMENT
3.4.2.2 Ensure firewalld service enabled and running	CIS Amazon Linux 2 v3.0.0 L1	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.4.3.5 Ensure nftables loopback traffic is configured	CIS Amazon Linux 2 v3.0.0 L1	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.4.3.7 Ensure nftables default deny firewall policy	CIS Amazon Linux 2 v3.0.0 L1	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.4.4.2.3 Ensure iptables rules exist for all open ports	CIS Amazon Linux 2 v3.0.0 L1	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.4.4.2.5 Ensure iptables rules are saved	CIS Amazon Linux 2 v3.0.0 L1	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.4.4.2.6 Ensure iptables service is enabled and active	CIS Amazon Linux 2 v3.0.0 L1	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.4.4.3.3 Ensure ip6tables firewall rules exist for all open ports	CIS Amazon Linux 2 v3.0.0 L1	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.5.1.1 Ensure default deny firewall policy - Chain FORWARD	CIS Aliyun Linux 2 L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
4.1.1.2 Ensure permissions on /etc/crontab are configured	CIS Amazon Linux 2 v3.0.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
4.1.1.7 Ensure permissions on /etc/cron.d are configured	CIS Amazon Linux 2 v3.0.0 L1	Unix	ACCESS CONTROL, MEDIA PROTECTION
4.2.1.5 Ensure remote rsyslog messages are only accepted on designated log hosts. - $InputTCPServerRun	CIS Aliyun Linux 2 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.11 Ensure sshd IgnoreRhosts is enabled	CIS Amazon Linux 2 v3.0.0 L1	Unix	IDENTIFICATION AND AUTHENTICATION
4.2.13 Ensure sshd LoginGraceTime is configured	CIS Amazon Linux 2 v3.0.0 L1	Unix	ACCESS CONTROL
4.2.20 Ensure sshd PermitRootLogin is disabled	CIS Amazon Linux 2 v3.0.0 L1	Unix	ACCESS CONTROL
4.2.22 Ensure sshd UsePAM is enabled	CIS Amazon Linux 2 v3.0.0 L1	Unix	IDENTIFICATION AND AUTHENTICATION
4.3.6 Ensure sudo authentication timeout is configured correctly	CIS Amazon Linux 2 v3.0.0 L1	Unix	ACCESS CONTROL
4.4.2.2.6 Ensure password maximum sequential characters is configured	CIS Amazon Linux 2 v3.0.0 L1	Unix	IDENTIFICATION AND AUTHENTICATION
4.4.2.4.3 Ensure pam_unix includes a strong password hashing algorithm	CIS Amazon Linux 2 v3.0.0 L1	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.5.1.1 Ensure strong password hashing algorithm is configured	CIS Amazon Linux 2 v3.0.0 L1	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
5.1.2 Ensure permissions on /etc/crontab are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.1.2.1.1 Ensure systemd-journal-remote is installed	CIS Amazon Linux 2 v3.0.0 L1	Unix	AUDIT AND ACCOUNTABILITY
5.2.5 Ensure SSH LogLevel is appropriate	CIS Aliyun Linux 2 L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
5.2.8 Ensure SSH IgnoreRhosts is enabled	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.14 Ensure SSH Idle Timeout Interval is configured - ClientAliveInterval	CIS Aliyun Linux 2 L1 v1.0.0	Unix	ACCESS CONTROL
5.2.15 Ensure SSH LoginGraceTime is set to one minute or less	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.3.1 Ensure password creation requirements are configured - ucredit	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.3.2 Ensure lockout for failed password attempts is configured - system-auth 'auth [success=1 default=bad] pam_unix.so'	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.3.3 Ensure password reuse is limited - password-auth	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.4.1.1 Ensure password expiration is 365 days or less - login.defs	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.6 Ensure access to the su command is restricted - /etc/group	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.6 Ensure access to the su command is restricted - /etc/pam.d/su	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.1.7 Ensure permissions on /etc/shadow- are configured	CIS Aliyun Linux 2 L1 v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
6.1.11 Ensure no unowned files or directories exist	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.2 Ensure no legacy "+" entries exist in /etc/passwd	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.7 Ensure all users' home directories exist	CIS Aliyun Linux 2 L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search