1.2 Install TCP Wrappers - Allow localhost. Note: Replace 172.16.100.0/255.255.255.0 with a network block in use at your organization. | CIS Solaris 9 v1.3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
1.2 Install TCP Wrappers - Deny access to this server from all networks | CIS Solaris 9 v1.3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
1.3 Ensure specific whitelisted IP addresses, IP address ranges, and/or domains are set | CIS Microsoft SharePoint 2019 OS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
1.3 Ensure specific whitelisted IP addresses, IP address ranges, and/or domains are set | CIS Microsoft SharePoint 2016 OS v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
2.1.7 Ensure that the --make-iptables-util-chains argument is set to true | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.1.8 Ensure that the --make-iptables-util-chains argument is set to true | CIS Kubernetes 1.8 Benchmark v1.2.0 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.1.8 Ensure that the --make-iptables-util-chains argument is set to true | CIS Kubernetes 1.11 Benchmark v1.3.0 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.1.8 Ensure that the --make-iptables-util-chains argument is set to true | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.4 Configure TCP Wrappers - Allow localhost. | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.4 Configure TCP Wrappers - Deny access to this server from all networks | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.10.2 - TCP Wrappers - creating a hosts.deny file - configuration - 'hosts.deny file contains ALL:ALL' | CIS AIX 5.3/6.1 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.10.3 - TCP Wrappers - creating a hosts.allow file - configuration - 'hosts.allow has been configured' | CIS AIX 5.3/6.1 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.11 Configure TCP Wrappers - hosts.allow | CIS Solaris 11.1 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.11 Configure TCP Wrappers - hosts.allow | CIS Solaris 11.2 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.11 Configure TCP Wrappers - hosts.deny | CIS Solaris 11.1 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.11 Configure TCP Wrappers - hosts.deny | CIS Solaris 11.2 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.12 Configure TCP Wrappers - hosts.allow | CIS Solaris 11 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.12 Configure TCP Wrappers - hosts.deny | CIS Solaris 11 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Default deny configured' | CIS Cisco IOS 12 L2 v4.0.0 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 10.0.0.0' | CIS Cisco IOS 12 L2 v4.0.0 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 172.16.0.0' | CIS Cisco IOS 12 L2 v4.0.0 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
3.4.2 Ensure /etc/hosts.allow is configured | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.4.2 Ensure /etc/hosts.allow is configured | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.4.2 Ensure /etc/hosts.allow is configured | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.4.2 Ensure /etc/hosts.allow is configured | CIS Amazon Linux v2.1.0 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.4.2 Ensure /etc/hosts.allow is configured | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.4.3 Ensure /etc/hosts.deny is configured | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.4.3 Ensure /etc/hosts.deny is configured | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.4.3 Ensure /etc/hosts.deny is configured | CIS Amazon Linux v2.1.0 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.4.3 Ensure /etc/hosts.deny is configured | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.4.3 Ensure /etc/hosts.deny is configured | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
4.2.6 Ensure 'Default Window Management permissions setting' Is 'Enabled' to 'Deny Permission' | CIS Google Chrome L2 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
7.3 Ensure 'Security Policy' denying any/all traffic exists at the bottom of the security policies ruleset | CIS Palo Alto Firewall 6 Benchmark L2 v1.0.0 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
7.3 Ensure 'Security Policy' denying any/all traffic exists at the bottom of the security policies ruleset | CIS Palo Alto Firewall 7 Benchmark L2 v1.0.0 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
7.4.2 Create /etc/hosts.allow | CIS Debian Linux 7 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
7.4.2 Create /etc/hosts.allow | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
7.4.4 Create /etc/hosts.deny | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
7.4.4 Create /etc/hosts.deny | CIS Debian Linux 7 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Adtran : Firewall - Deny by Default ACL | TNS Adtran AOS Best Practice Audit | Adtran | SYSTEM AND COMMUNICATIONS PROTECTION |
Ensure /etc/hosts.allow is configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Ensure /etc/hosts.deny is configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Firewall Filter - Ensure the last term, default-deny, includes the syslog option | Juniper Hardening JunOS 12 Devices Checklist | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
Firewall Filter - Protect the Routing Engine using a default deny firewall filter | Juniper Hardening JunOS 12 Devices Checklist | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
Inbound Connections - Domain Profile | MSCT Windows 10 v22H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Management Services Security - Allow SNMP queries and/or send traps to more than one trusted server - client-list restrict | Juniper Hardening JunOS 12 Devices Checklist | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
Management Services Security - Allow SNMP queries and/or send traps to more than one trusted server - clients restrict | Juniper Hardening JunOS 12 Devices Checklist | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
The hosts.allow file limits access to the local network | TNS Citrix Hypervisor | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
The hosts.deny file blocks access by default | TNS Citrix Hypervisor | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
XenServer - The hosts.allow file limits access to the local network | TNS Citrix XenServer | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
XenServer - The hosts.deny file blocks access by default | TNS Citrix XenServer | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |