Item Search

NameAudit NamePluginCategory
1.1.1.8 Ensure mounting of FAT filesystems is limited - modprobeCIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.3 Ensure nodev option set on /tmp partitionCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.1.6 Ensure separate partition exists for /varCIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.7 Ensure separate partition exists for /var/tmpCIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.8 Ensure nosuid option set on /dev/shm partitionCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.1.11 Ensure separate partition exists for /var/tmpCIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.1.17 Ensure separate partition exists for /homeCIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.1.18 Ensure /home partition includes the nodev optionCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.1.22 Ensure sticky bit is set on all world-writable directoriesCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.7.2 Ensure local login warning banner is configured properly - bannerCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.7.2 Ensure local login warning banner is configured properly - platform flagsCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.7.3 Ensure remote login warning banner is configured properly - platform flagsCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.7.6 Ensure permissions on /etc/issue.net are configuredCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.7.6 Ensure permissions on /etc/issue.net are configuredCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.8.2 Ensure GDM login banner is configured - banner-message-enableCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.8.2 Ensure GDM login banner is configured - banner-message-textCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

CONFIGURATION MANAGEMENT

1.8.3 Ensure disable-user-list is enabledCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.2.1 Ensure packet redirect sending is disabled - net.ipv4.conf.default.send_redirects (sysctl.conf/sysctl.d)CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.2.1 Ensure packet redirect sending is disabled - sysctl net.ipv4.conf.default.send_redirectsCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.2.2 Ensure IP forwarding is disabled - ipv6 (sysctl.conf/sysctl.d)CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.2.2 Ensure IP forwarding is disabled - sysctl ipv4CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.2.2 Ensure IP forwarding is disabled - sysctl ipv6CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.3.1 Ensure source routed packets are not accepted - net.ipv4.conf.default.accept_source_route (sysctl.conf/sysctl.d)CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.3.1 Ensure source routed packets are not accepted - net.ipv6.conf.default.accept_source_route (sysctl.conf/sysctl.d)CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.3.1 Ensure source routed packets are not accepted - sysctl net.ipv4.conf.default.accept_source_routeCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.3.1 Ensure source routed packets are not accepted - sysctl net.ipv6.conf.all.accept_source_routeCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.3.1 Ensure source routed packets are not accepted - sysctl net.ipv6.conf.all.accept_source_routeCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.3.1 Ensure source routed packets are not accepted - sysctl net.ipv6.conf.default.accept_source_routeCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.3.1 Ensure source routed packets are not accepted - sysctl net.ipv6.conf.default.accept_source_routeCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.3.2 Ensure ICMP redirects are not accepted - net.ipv4.conf.all.accept_redirects (sysctl.conf/sysctl.d)CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.3.2 Ensure ICMP redirects are not accepted - sysctl net.ipv4.conf.all.accept_redirectsCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.3.2 Ensure ICMP redirects are not accepted - sysctl net.ipv6.conf.all.accept_redirectsCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.3.2 Ensure ICMP redirects are not accepted - sysctl net.ipv6.conf.all.accept_redirectsCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.3.5 Ensure broadcast ICMP requests are ignored - sysctl execCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.3.5 Ensure broadcast ICMP requests are ignored - sysctl.conf/sysctl.dCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.3.7 Ensure Reverse Path Filtering is enabled - 'net.ipv4.conf.default.rp_filter' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.3.8 Ensure TCP SYN Cookies is enabled - sysctl execCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.3.8 Ensure TCP SYN Cookies is enabled - sysctl.conf/sysctl.dCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.3.9 Ensure IPv6 router advertisements are not accepted - 'sysctl net.ipv6.conf.all.accept_ra'CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

3.3.9 Ensure IPv6 router advertisements are not accepted - 'sysctl net.ipv6.conf.default.accept_ra'CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

4.1.11 Ensure use of privileged commands is collectedCIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_module/delete_module (32-bit)CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - auditctl insmodCIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

5.2.17 Ensure SSH LoginGraceTime is set to one minute or lessCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

CONFIGURATION MANAGEMENT

5.2.19 Ensure SSH warning banner is configuredCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

CONFIGURATION MANAGEMENT

5.2.20 Ensure SSH PAM is enabledCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

CONFIGURATION MANAGEMENT

5.3.22 Ensure SSH MaxStartups is configuredCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

5.3.22 Ensure SSH MaxStartups is configuredCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

5.3.23 Ensure SSH MaxSessions is limitedCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

6.2.4 Ensure all users' home directories existCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT