Item Search

Name	Audit Name	Plugin	Category
3.1.1 Ensure IP forwarding is disabled - /etc/sysctl	CIS SUSE Linux Enterprise Server 11 L1 v2.1.1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.1.2 Ensure packet redirect sending is disabled - /etc/sysctl ipv4 default send	CIS SUSE Linux Enterprise Server 11 L1 v2.1.1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.1.2 Ensure packet redirect sending is disabled - sysctl ipv4 all send	CIS SUSE Linux Enterprise Server 11 L1 v2.1.1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.1.2 Ensure packet redirect sending is disabled - sysctl ipv4 default send	CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.1 Ensure source routed packets are not accepted - /etc/sysctl ipv4 all acccept	CIS SUSE Linux Enterprise Server 11 L1 v2.1.1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.1 Ensure source routed packets are not accepted - sysctl ipv4 all acccept	CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.2 Ensure ICMP redirects are not accepted - /etc/sysctl ipv4 all accept	CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.2 Ensure ICMP redirects are not accepted - sysctl ipv4 default accept	CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.5 Ensure broadcast ICMP requests are ignored - /etc/sysctl	CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.5 Ensure broadcast ICMP requests are ignored - sysctl	CIS SUSE Linux Enterprise Server 11 L1 v2.1.1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.6 Ensure bogus ICMP responses are ignored - /etc/sysctl	CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.7 Ensure Reverse Path Filtering is enabled - /etc/sysctl ipv4 all rp_filter	CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.2.8 Ensure TCP SYN Cookies is enabled - sysctl	CIS SUSE Linux Enterprise Server 11 L1 v2.1.1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.3.1 Ensure IPv6 router advertisements are not accepted - /etc/sysctl ipv6 default accept	CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.3.1 Ensure IPv6 router advertisements are not accepted - sysctl ipv6 all accept	CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.3.1 Ensure IPv6 router advertisements are not accepted - sysctl ipv6 all accept	CIS SUSE Linux Enterprise Server 11 L1 v2.1.1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.3.2 Ensure IPv6 redirects are not accepted - /etc/sysctl ipv6 default accept	CIS SUSE Linux Enterprise Server 11 L1 v2.1.1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.3.2 Ensure IPv6 redirects are not accepted - sysctl ipv6 default accept	CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
4.4 Network Parameter Modifications - Check if '/dev/tcp tcp_rev_src_routes' is set to 0 in /etc/init.d/netconfig (Solaris 8 or later)	CIS Solaris 9 v1.3	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
4.4 Network Parameter Modifications - Check if 'ip_ire_arp_interval' is set 60000 to in /etc/init.d/netconfig (Solaris 8 or later)	CIS Solaris 9 v1.3	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
4.4 Network Parameter Modifications - Check if 'ip6_forward_src_routed' is set to 0 in /etc/init.d/netconfig (Solaris 8 or later)	CIS Solaris 9 v1.3	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
4.5 Additional network parameter - If Firewall/Gateway, Check 'ip_forwarding' = 0 in /etc/init.d/netconfig.	CIS Solaris 9 v1.3	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
18.5.2 (L1) Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level' is set to 'Enabled: Highest protection, source routing is completely disabled'	CIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.5.2 (L1) Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level' is set to 'Enabled: Highest protection, source routing is completely disabled'	CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.5.3 (L1) Ensure 'MSS: (DisableIPSourceRouting) IP source routing protection level' is set to 'Enabled: Highest protection, source routing is completely disabled'	CIS Microsoft Windows 11 Stand-alone v3.0.0 L1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.5.3 (L1) Ensure 'MSS: (DisableIPSourceRouting) IP source routing protection level' is set to 'Enabled: Highest protection, source routing is completely disabled'	CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.5.3 (L1) Ensure 'MSS: (DisableIPSourceRouting) IP source routing protection level' is set to 'Enabled: Highest protection, source routing is completely disabled'	CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + NG	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.5.3 (L1) Ensure 'MSS: (DisableIPSourceRouting) IP source routing protection level' is set to 'Enabled: Highest protection, source routing is completely disabled'	CIS Microsoft Windows Server 2016 v3.0.0 L1 DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.5.5 (L2) Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes (recommended)'	CIS Microsoft Windows Server 2019 STIG v2.0.0 L2 DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.5.5 Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes (recommended)'	CIS Microsoft Windows Server 2022 STIG v1.0.0 L2 DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.5.6 (L2) Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes'	CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.5.6 (L2) Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes'	CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL + NG	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.5.6 (L2) Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.5.6 (L2) Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NG	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
ACLs: Filter for RFC 3330 addresses (192.0.2.0/24)	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	SYSTEM AND COMMUNICATIONS PROTECTION
ACLs: Filter for RFC 3330 addresses (240.0.0.0/4)	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	SYSTEM AND COMMUNICATIONS PROTECTION
Apply local connection security rules	MSCT Windows 10 v22H2 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
Apply local connection security rules	MSCT Windows 11 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
Apply local firewall rules	MSCT Windows 11 v22H2 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
Firewall State - Private Profile	MSCT Windows Server 2022 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
Firewall State - Private Profile	MSCT Windows 11 v22H2 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
Firewall State - Public Profile	MSCT MSCT Windows Server 2022 DC v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)	MSCT Windows Server 2022 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)	MSCT Windows 11 v22H2 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)	MSCT Windows 10 v22H2 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes	MSCT MSCT Windows Server 2022 DC v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
vNetwork : reject-forged-transmit - 'vSwitch'	VMWare vSphere 6.0 Hardening Guide	VMware	SYSTEM AND COMMUNICATIONS PROTECTION
vNetwork : reject-forged-transmit-StandardSwitch	VMWare vSphere 6.5 Hardening Guide	VMware	SYSTEM AND COMMUNICATIONS PROTECTION
Windows Defender Firewall: Protect all network connections	MSCT Windows 10 v21H1 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
Windows Defender Firewall: Protect all network connections	MSCT Windows 11 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search