BSI_100_2_Redhat_v1.0.audit from BSI-100-2 Red Hat Linux 2005 | BSI-100-2 Red Hat Linux 2005 | Unix | |
BSI-100-2: S 2.33: Division of administrator roles under Unix: Password length >= 12 | BSI-100-2 Red Hat Linux 2005 | Unix | IDENTIFICATION AND AUTHENTICATION |
BSI-100-2: S 4.13: Careful allocation of identifiers: /etc/group consistency | BSI-100-2 Red Hat Linux 2005 | Unix | IDENTIFICATION AND AUTHENTICATION |
BSI-100-2: S 4.13: Careful allocation of identifiers: /etc/password consistency | BSI-100-2 Red Hat Linux 2005 | Unix | IDENTIFICATION AND AUTHENTICATION |
BSI-100-2: S 4.13: Careful allocation of identifiers: Every GID must be valid | BSI-100-2 Red Hat Linux 2005 | Unix | ACCESS CONTROL |
BSI-100-2: S 4.13: Careful allocation of identifiers: Every group ID (GID) must be unique - Zero GID | BSI-100-2 Red Hat Linux 2005 | Unix | IDENTIFICATION AND AUTHENTICATION |
BSI-100-2: S 4.13: Careful allocation of identifiers: Every group log-in name must be unique | BSI-100-2 Red Hat Linux 2005 | Unix | IDENTIFICATION AND AUTHENTICATION |
BSI-100-2: S 4.13: Careful allocation of identifiers: Every log-in name must be unique | BSI-100-2 Red Hat Linux 2005 | Unix | IDENTIFICATION AND AUTHENTICATION |
BSI-100-2: S 4.13: Careful allocation of identifiers: Every UID must be unique | BSI-100-2 Red Hat Linux 2005 | Unix | IDENTIFICATION AND AUTHENTICATION |
BSI-100-2: S 4.14: Mandatory password protection under Unix: Passwords should not be stored in the universally readable /etc/passwd file | BSI-100-2 Red Hat Linux 2005 | Unix | IDENTIFICATION AND AUTHENTICATION |
BSI-100-2: S 4.18: Administrative and technical means to control access to the system-monitor and single-user mode: console access password | BSI-100-2 Red Hat Linux 2005 | Unix | ACCESS CONTROL |
BSI-100-2: S 4.21: Preventing unauthorised acquisition of administrator rights: Block ftp for administrative accesses. | BSI-100-2 Red Hat Linux 2005 | Unix | ACCESS CONTROL |
BSI-100-2: S 4.22: Prevention of loss of confidentiality of sensitive data in the Unix system: Finger service | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.22: Prevention of loss of confidentiality of sensitive data in the Unix system: FTP service | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.22: Prevention of loss of confidentiality of sensitive data in the Unix system: SMB service | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.22: Prevention of loss of confidentiality of sensitive data in the Unix system: Telnet service | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.105: Initial measures after a Unix standard installation: /etc/X11/xinit/xinitrc - 'xhost +' should never be used | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.105: Initial measures after a Unix standard installation: /usr/X11R6/bin/startx - 'xhost +' should never be used. | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.105: Initial measures after a Unix standard installation: /usr/X11R6/lib/X11/xdm/Xsession - 'xhost +' should never be used. | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.105: Initial measures after a Unix standard installation: ~/.Xclients - 'xhost +' should never be used. | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.105: Initial measures after a Unix standard installation: ~/.Xclients.gnome - 'xhost +' should never be used. | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.105: Initial measures after a Unix standard installation: ~/.xinitrc - 'xhost +' should never be used. | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.105: Initial measures after a Unix standard installation: FTP - Remove non-required services from /etc/inetd.conf | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.105: Initial measures after a Unix standard installation: INND - Remove non-required services from /etc/inetd.conf | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.105: Initial measures after a Unix standard installation: Rexecd must be deactivated | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.105: Initial measures after a Unix standard installation: Rlogind must be deactivated | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.105: Initial measures after a Unix standard installation: RSHD - Remove non-required services from /etc/inetd.conf | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.105: Initial measures after a Unix standard installation: Rshd must be deactivated | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.105: Initial measures after a Unix standard installation: SMBD - Remove non-required services from /etc/inetd.conf | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.105: Initial measures after a Unix standard installation: Telnet - Remove non-required services from /etc/inetd.conf | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.105: Initial measures after a Unix standard installation: Telnet should be replaced by SSH. | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.105: Initial measures after a Unix standard installation: TFTP - Remove non-required services from /etc/inetd.conf | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.105: Initial measures after a Unix standard installation: Tftp should be started with the option -s | BSI-100-2 Red Hat Linux 2005 | Unix | ACCESS CONTROL |
BSI-100-2: S 4.105: Initial measures after a Unix standard installation: UGIDD - Remove non-required services from /etc/inetd.conf | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.105: Initial measures after a Unix standard installation: UUCP - Remove non-required services from /etc/inetd.conf | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.105: Initial measures after a Unix standard installation: YPBIND - Remove non-required services from /etc/inetd.conf | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.106: Activation of system logging: /etc/rsyslog.conf - *.err;kern.warning;auth.err;daemon.err | BSI-100-2 Red Hat Linux 2005 | Unix | AUDIT AND ACCOUNTABILITY |
BSI-100-2: S 4.106: Activation of system logging: /etc/rsyslog.conf - auth.info | BSI-100-2 Red Hat Linux 2005 | Unix | AUDIT AND ACCOUNTABILITY |
BSI-100-2: S 4.106: Activation of system logging: /etc/rsyslog.conf - lpr.info | BSI-100-2 Red Hat Linux 2005 | Unix | AUDIT AND ACCOUNTABILITY |
BSI-100-2: S 4.106: Activation of system logging: /etc/rsyslog.conf - mail.info | BSI-100-2 Red Hat Linux 2005 | Unix | AUDIT AND ACCOUNTABILITY |
BSI-100-2: S 4.106: Activation of system logging: Only system administrators can change syslog.conf | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.151: Secure installation of Internet PCs: The Linux packet filter function iptables can be used. | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.151: Secure installation of Internet PCs: Uninstall Apache and any other web server software | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 4.200: Handling of USB storage media: Prevent the device driver for USB storage media from starting up | BSI-100-2 Red Hat Linux 2005 | Unix | SYSTEM AND INFORMATION INTEGRITY |
BSI-100-2: S 5.18: Use of the NIS security mechanisms: The file /etc/passwd must not contain the entry +::0:0::: | BSI-100-2 Red Hat Linux 2005 | Unix | IDENTIFICATION AND AUTHENTICATION |
BSI-100-2: S 5.18: Use of the NIS security mechanisms: The password file /etc/passwd must not contain the entry +::0:0::: | BSI-100-2 Red Hat Linux 2005 | Unix | IDENTIFICATION AND AUTHENTICATION |
BSI-100-2: S 5.19: Use of the sendmail security mechanisms: Privileged users like bin or root should not have a .forward file. | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 5.35: Use of the security mechanisms of UUCP | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 5.39: Secure use of protocols and services: FTP should not be used to transmit confidential data over public networks | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |
BSI-100-2: S 5.39: Secure use of protocols and services: Telnet not to be used on insecure networks | BSI-100-2 Red Hat Linux 2005 | Unix | CONFIGURATION MANAGEMENT |