Item Search

| Name | Audit Name | Plugin | Category |
| --- | --- | --- | --- |
| 4.4.2.2.1 Ensure pam_pwquality module is enabled | CIS Amazon Linux 2 v3.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 4.4.2.2.5 Ensure password same consecutive characters is configured | CIS Amazon Linux 2 v3.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 4.4.2.4.4 Ensure pam_unix includes use_authtok | CIS Amazon Linux 2 v3.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5.1.2 Ensure password expiration is 365 days or less | CIS Amazon Linux 2 v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.5.1.3 Ensure password expiration warning days is 7 or more | CIS Amazon Linux 2 v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.5.1.4 Ensure inactive password lock is 30 days or less | CIS Amazon Linux 2 v3.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 4.5.2.3 Ensure system accounts are secured | CIS Amazon Linux 2 v3.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5.3.2 Ensure default user shell timeout is configured | CIS Amazon Linux 2 v3.0.0 L1 | Unix | ACCESS CONTROL |
| 5.1.1.5 Ensure logging is configured | CIS Amazon Linux 2 v3.0.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.7 Ensure rsyslog is not configured to receive logs from a remote client | CIS Amazon Linux 2 v3.0.0 L1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 6.1.5 Ensure permissions on /etc/shadow are configured | CIS Amazon Linux 2 v3.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.2.1 Ensure accounts in /etc/passwd use shadowed passwords | CIS Amazon Linux 2 v3.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| autofs.service active | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| avahi | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| avahi-daemon.socket avahi-daemon.service enabled | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| CASA-VN-000240 - The Cisco ASA must be configured to use FIPS-validated SHA-2 or higher for Internet Key Exchange (IKE) Phase 2. | DISA STIG Cisco ASA VPN v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| Check for IPv6 | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| config file permitrootlogin setting | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| Disabled accounts | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| dnsmasq.service active | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| Ensure at least one file named /etc/libuser.conf exists and matches pattern | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| Ensure at least one file named /etc/login.defs exists and matches pattern | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| firewalld check - enabled | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| firewalld check - in use | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| firewalld check - installed | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| hook output | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| ip6 saddr ::1 | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| ip6tables | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| ip6tables active | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| ip6tables list | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| iptables | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| Loopback on Port 465 | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| minclass | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| mrsv not included in /etc/issue.net | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| named.service active | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| Old format InputTCPServerRun | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| password-auth authfail deny | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| password-auth authfail unlock_time | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| review open ports and ip6tables rules | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| rpcbind exist | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| samba services exist | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| sshd maxsessions setting | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| sshd_config | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| system-auth authfail | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| system-auth pam_faillock | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| system-auth preauth | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| system-auth preauth deny | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| Trusted Cert | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| xinetd.service enabled | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| ypserv.service active | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |