Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.5.1.1 Set 'Windows Firewall: Domain: Display a notification' to 'Yes (default)'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.1.5.2.6 Set 'Windows Firewall: Private: Display a notification' to 'Yes (default)'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.1.5.3.5 Set 'Windows Firewall: Public: Display a notification' to 'No'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Allow Docker to make changes to iptablesCIS Docker 1.6 v1.0.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.1 Ensure IP forwarding is disabled - /etc/sysctlCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.2 Ensure packet redirect sending is disabled - /etc/sysctl ipv4 default sendCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.2 Ensure packet redirect sending is disabled - sysctl ipv4 all sendCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.1 Ensure source routed packets are not accepted - /etc/sysctl ipv4 all accceptCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.2 Ensure ICMP redirects are not accepted - sysctl ipv4 default acceptCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.3 Ensure secure ICMP redirects are not accepted - /etc/sysctl ipv4 all secureCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.5 Ensure broadcast ICMP requests are ignored - /etc/sysctlCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.5 Ensure broadcast ICMP requests are ignored - sysctlCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.6 Ensure bogus ICMP responses are ignored - /etc/sysctlCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.7 Ensure Reverse Path Filtering is enabled - /etc/sysctl ipv4 all rp_filterCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2.8 Ensure TCP SYN Cookies is enabled - sysctlCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure IPv6 router advertisements are not accepted - /etc/sysctl ipv6 default acceptCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure IPv6 router advertisements are not accepted - sysctl ipv6 all acceptCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Ensure IPv6 router advertisements are not accepted - sysctl ipv6 all acceptCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.2 Ensure IPv6 redirects are not accepted - /etc/sysctl ipv6 default acceptCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.2 Ensure IPv6 redirects are not accepted - sysctl ipv6 default acceptCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.9 ipsrcrouterecvCIS IBM AIX 7.1 L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.11 ip6srcrouteforwardCIS IBM AIX 7.1 L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.3.17 udp_pmtu_discoverCIS IBM AIX 7.1 L1 v2.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

6.2 Ensure FTP Logon attempt restrictions is enabled - Deny By Failure EnabledCIS IIS 8.0 v1.5.1 Level 1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

7.7 Ensure Firewall is active - iptables-persistent run level 3CIS Debian Linux 7 L1 v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

18.5.2 (L1) Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BLWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.5.2 (L1) Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BLWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.5.2 (L1) Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

18.5.3 (L1) Ensure 'MSS: (DisableIPSourceRouting) IP source routing protection level' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

18.5.3 (L1) Ensure 'MSS: (DisableIPSourceRouting) IP source routing protection level' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + NGWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.5.3 (L1) Ensure 'MSS: (DisableIPSourceRouting) IP source routing protection level' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.5.3 (L1) Ensure 'MSS: (DisableIPSourceRouting) IP source routing protection level' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Microsoft Windows 11 Stand-alone v3.0.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

18.5.3 (L1) Ensure 'MSS: (DisableIPSourceRouting) IP source routing protection level' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BLWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.5.6 (L2) Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes'CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BLWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.5.6 (L2) Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes'CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL + NGWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.5.6 (L2) Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BLWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.5.6 (L2) Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NGWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.5.6 (L2) Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes'CIS Microsoft Windows 11 Enterprise v4.0.0 L2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

ACLs: Filter for RFC 3330 addresses (192.0.2.0/24)TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

SYSTEM AND COMMUNICATIONS PROTECTION

ACLs: Filter for RFC 3330 addresses (240.0.0.0/4)TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)MSCT Windows 11 v22H2 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)MSCT Windows Server 2022 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)MSCT Windows 10 v22H2 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows 11 v24H2 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT MSCT Windows Server 2022 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

vNetwork : reject-forged-transmit - 'vSwitch'VMWare vSphere 6.0 Hardening GuideVMware

SYSTEM AND COMMUNICATIONS PROTECTION

vNetwork : reject-forged-transmit-StandardSwitchVMWare vSphere 6.5 Hardening GuideVMware

SYSTEM AND COMMUNICATIONS PROTECTION

Windows Defender Firewall: Protect all network connectionsMSCT Windows 10 v21H1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Windows Defender Firewall: Protect all network connectionsMSCT Windows 11 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Windows Defender Firewall: Protect all network connectionsMSCT Windows 11 v24H2 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION