Detections
Analytics

Item Search

NameAudit NamePluginCategory
3.4.1.2 Ensure iptables-services not installed with firewalldCIS CentOS Linux 8 Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.2 Ensure iptables-services not installed with firewalldCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.1.2 Ensure nftables is not installed with iptablesCIS CentOS Linux 8 Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.1.3 Ensure firewalld is either not installed or masked with iptablesCIS CentOS Linux 8 Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.4 Ensure firewall rules exist for all open portsCIS Debian 8 Server L1 v2.0.2Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.4 Ensure firewall rules exist for all open portsCIS Debian 8 Workstation L1 v2.0.2Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.4 Ensure firewalld service enabled and running - enabledCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.4 Ensure firewalld service enabled and running - enabledCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.4 Ensure firewalld service enabled and running - runningCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.4 Ensure firewalld service enabled and running - runningCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.5 Ensure firewalld default zone is setCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.5 Ensure firewalld default zone is setCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2.3 Ensure iptables rules exist for all open portsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2.3 Ensure iptables rules exist for all open portsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.1.2 Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)'CIS Windows Server 2012 R2 MS L1 v2.4.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.1.2 Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)'CIS Microsoft Windows Server 2016 MS L1 v1.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.1.2 Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)'CIS Microsoft Windows Server 2016 DC L1 v1.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.1.3 Ensure 'Windows Firewall: Domain: Outbound connections' is set to 'Allow (default)'CIS Windows Server 2012 R2 MS L1 v2.4.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.1.3 Ensure 'Windows Firewall: Domain: Outbound connections' is set to 'Allow (default)'CIS Microsoft Windows Server 2016 DC L1 v1.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.1.3 Ensure 'Windows Firewall: Domain: Outbound connections' is set to 'Allow (default)'CIS Microsoft Windows Server 2016 MS L1 v1.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.2.2 Ensure 'Windows Firewall: Private: Inbound connections' is set to 'Block (default)'CIS Windows Server 2012 R2 MS L1 v2.4.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.2.2 Ensure 'Windows Firewall: Private: Inbound connections' is set to 'Block (default)'CIS Microsoft Windows Server 2016 MS L1 v1.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.2.2 Ensure 'Windows Firewall: Private: Inbound connections' is set to 'Block (default)'CIS Microsoft Windows Server 2016 DC L1 v1.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.2.3 Ensure 'Windows Firewall: Private: Outbound connections' is set to 'Allow (default)'CIS Windows Server 2012 R2 MS L1 v2.4.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.2.3 Ensure 'Windows Firewall: Private: Outbound connections' is set to 'Allow (default)'CIS Microsoft Windows Server 2016 MS L1 v1.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.2.3 Ensure 'Windows Firewall: Private: Outbound connections' is set to 'Allow (default)'CIS Microsoft Windows Server 2016 DC L1 v1.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.3.2 Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)'CIS Microsoft Windows Server 2016 DC L1 v1.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.3.2 Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)'CIS Microsoft Windows Server 2016 MS L1 v1.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.3.3 Ensure 'Windows Firewall: Public: Outbound connections' is set to 'Allow (default)'CIS Windows Server 2012 R2 MS L1 v2.4.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.3.3 Ensure 'Windows Firewall: Public: Outbound connections' is set to 'Allow (default)'CIS Microsoft Windows Server 2016 MS L1 v1.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.3.3 Ensure 'Windows Firewall: Public: Outbound connections' is set to 'Allow (default)'CIS Microsoft Windows Server 2016 DC L1 v1.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

GEN005540 - The SSH daemon must be configured for IP filtering - '/etc/hosts.allow'DISA STIG for Oracle Linux 5 v1r14Unix

SYSTEM AND COMMUNICATIONS PROTECTION

GEN005540 - The SSH daemon must be configured for IP filtering - '/etc/hosts.deny'DISA STIG for Oracle Linux 5 v1r14Unix

SYSTEM AND COMMUNICATIONS PROTECTION

GEN006620 - The systems access control program must be configured to grant or deny system access to specific hosts.DISA STIG for Oracle Linux 5 v1r14Unix

SYSTEM AND COMMUNICATIONS PROTECTION

GEN008540 - The system's local firewall must implement a deny-all, allow-by-exception policy.DISA STIG AIX 5.3 v1r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

NET-IPV6-064 - Not filtering undefined option type - Inbound ACLDISA STIG Cisco Perimeter L3 Switch v8r32Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET-IPV6-064 - Not filtering undefined option type - Inbound ACLDISA STIG Cisco Perimeter Router v8r32Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET-IPV6-064 - Not filtering undefined option type - Outbound ACLDISA STIG Cisco Perimeter Router v8r32Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET-IPV6-064 - Not filtering undefined option type - Outbound ACLDISA STIG Cisco Perimeter L3 Switch v8r32Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET-SRVFRM-003 - Server VLAN interfaces must be protected by restrictive ACLs using a deny-by-default security posture.DISA STIG Juniper Infrastructure Router V8R29Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

NET-SRVFRM-003 - Server VLAN interfaces must be protected by restrictive ACLs using a deny-by-default security posture.DISA STIG Juniper Perimeter Router V8R32Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

NET-TUNL-007 - Tunnel entry and exit points must be in a deny-by-default security posture.DISA STIG Juniper Perimeter Router V8R32Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

NET0162 - AG ingress ACL is not configured to secure enclave - 'Explicit Deny ACL'DISA STIG Cisco Perimeter Router v8r32Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET0410 - BGP sessions are not restricted. 'ACL IP Recieve Access-List (Default Deny)'DISA STIG Cisco Perimeter Router v8r32Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET0410 - BGP sessions are not restricted. 'ACL IP Recieve Access-List (Default Deny)'DISA STIG Cisco Perimeter L3 Switch v8r32Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET0410 - BGP sessions are not restricted. 'ACL IP Recieve Access-List (ICMP Fragments)'DISA STIG Cisco Perimeter L3 Switch v8r32Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET0410 - BGP sessions are not restricted. 'ACL IP Recieve Access-List (ICMP Fragments)'DISA STIG Cisco Perimeter Router v8r32Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET1637 - Management connections are not restricted - 'VTY port (access-list VTY_ACL deny any log)'DISA STIG Cisco L2 Switch V8R27Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET1637 - Management connections are not restricted - 'VTY port (access-list VTY_ACL deny any log)'DISA STIG Cisco Perimeter Router v8r32Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

NET1637 - Management connections are not restricted - 'VTY port (access-list VTY_ACL deny any log)'DISA STIG Cisco Perimeter L3 Switch v8r32Cisco

SYSTEM AND COMMUNICATIONS PROTECTION