Detections
Analytics

Item Search

NameAudit NamePluginCategory
5.1.2.1.4 Ensure journald is not configured to receive logs from a remote clientCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

5.1.2.2 Ensure journald service is enabledCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

5.1.2.3 Ensure journald is configured to compress large log filesCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

5.1.2.6 Ensure journald log rotation is configured per site policyCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

5.1.3 Ensure logrotate is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

5.3.2 Ensure filesystem integrity is regularly checkedCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

6.1.7 Ensure permissions on /etc/gshadow are configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

6.1.8 Ensure permissions on /etc/gshadow- are configuredCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

6.2.3 Ensure all groups in /etc/passwd exist in /etc/groupCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL

6.2.6 Ensure no duplicate user names existCIS Amazon Linux 2 v3.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

6.2.8 Ensure root path integrityCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT

at is installedCIS Amazon Linux 2 v3.0.0 L1Unix
autofs.service enabledCIS Amazon Linux 2 v3.0.0 L1Unix
banner textCIS Amazon Linux 2 v3.0.0 L1Unix
bluetooth.service enabledCIS Amazon Linux 2 v3.0.0 L1Unix
bluezCIS Amazon Linux 2 v3.0.0 L1Unix
Chain INPUTCIS Amazon Linux 2 v3.0.0 L1Unix
Check for systemd-journal-remote packageCIS Amazon Linux 2 v3.0.0 L1Unix
Check if cron is installedCIS Amazon Linux 2 v3.0.0 L1Unix
ClientAliveInterval is greater than 0CIS Amazon Linux 2 v3.0.0 L1Unix
config file HostbasedAuthentication settingCIS Amazon Linux 2 v3.0.0 L1Unix
config file MaxSessions settingCIS Amazon Linux 2 v3.0.0 L1Unix
config file permitemptypasswords settingCIS Amazon Linux 2 v3.0.0 L1Unix
cyrus-imapd exist on the systemCIS Amazon Linux 2 v3.0.0 L1Unix
dhcp server services existCIS Amazon Linux 2 v3.0.0 L1Unix
Ensure at least one file named /etc/pam.d/password-auth exists and matches password patternCIS Amazon Linux 2 v3.0.0 L1Unix
Ensure at least one file named /etc/pam.d/system-auth exists and matches patternCIS Amazon Linux 2 v3.0.0 L1Unix
Ensure at least one file named /etc/pam.d/system-auth exists and matches pattern (?i)^h*passwordh+(requisite|required)h+pam_pwhistory.soCIS Amazon Linux 2 v3.0.0 L1Unix
Ensure at least one file named /etc/pam.d/system-auth exists and matches pattern ^h*authh+(required|requisite)h+([^#CIS Amazon Linux 2 v3.0.0 L1Unix
Ensure no file named /etc/pam.d/password-auth pam_unix.so contains rememberCIS Amazon Linux 2 v3.0.0 L1Unix
Ensure no file named /etc/pam.d/system-auth exists and matches patternCIS Amazon Linux 2 v3.0.0 L1Unix
Ensure no file named /etc/pam.d/system-auth pam_unix.so contains rememberCIS Amazon Linux 2 v3.0.0 L1Unix
Global configuration is set correctlyCIS Amazon Linux 2 v3.0.0 L1Unix
httpd services exist on the systemCIS Amazon Linux 2 v3.0.0 L1Unix
iff lo acceptCIS Amazon Linux 2 v3.0.0 L1Unix
INPUT dropCIS Amazon Linux 2 v3.0.0 L1Unix
ip6tables enabledCIS Amazon Linux 2 v3.0.0 L1Unix
iptables Chain INPUTCIS Amazon Linux 2 v3.0.0 L1Unix
iptables OUTPUT ACCEPTCIS Amazon Linux 2 v3.0.0 L1Unix
iptables-services installedCIS Amazon Linux 2 v3.0.0 L1Unix
journald check - enabledCIS Amazon Linux 2 v3.0.0 L1Unix
mrsv not included in /etc/motdCIS Amazon Linux 2 v3.0.0 L1Unix
named.service enabledCIS Amazon Linux 2 v3.0.0 L1Unix
nfs-server.service activeCIS Amazon Linux 2 v3.0.0 L1Unix
nfs-utils existCIS Amazon Linux 2 v3.0.0 L1Unix
Nftables check - activeCIS Amazon Linux 2 v3.0.0 L1Unix
Old format ModLoad imtcpCIS Amazon Linux 2 v3.0.0 L1Unix
password-auth pam_faillockCIS Amazon Linux 2 v3.0.0 L1Unix
password-auth preauthCIS Amazon Linux 2 v3.0.0 L1Unix
rsyncd.socket rsyncd.service activeCIS Amazon Linux 2 v3.0.0 L1Unix