Item Search

NameAudit NamePluginCategory
ARST-RT-000060 - The Arista BGP router must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute.DISA STIG Arista MLS EOS 4.2x Router v2r1Arista

ACCESS CONTROL

ARST-RT-000100 - The Arista BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer.DISA STIG Arista MLS EOS 4.2x Router v2r1Arista

ACCESS CONTROL

CISC-RT-000540 - The Cisco BGP router must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute.DISA STIG Cisco IOS Router RTR v3r1Cisco

ACCESS CONTROL

CISC-RT-000540 - The Cisco BGP router must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute.DISA STIG Cisco IOS-XR Router RTR v3r1Cisco

ACCESS CONTROL

CISC-RT-000540 - The Cisco BGP router must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute.DISA STIG Cisco IOS XE Router RTR v3r1Cisco

ACCESS CONTROL

CISC-RT-000540 - The Cisco BGP switch must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute.DISA STIG Cisco IOS XE Switch RTR v3r1Cisco

ACCESS CONTROL

CISC-RT-000540 - The Cisco BGP switch must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute.DISA STIG Cisco NX-OS Switch RTR v3r1Cisco

ACCESS CONTROL

CISC-RT-000550 - The Cisco BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer - ip as-path access-listDISA STIG Cisco IOS Router RTR v3r1Cisco

ACCESS CONTROL

CISC-RT-000550 - The Cisco BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer - route-policyDISA STIG Cisco IOS-XR Router RTR v3r1Cisco

ACCESS CONTROL

CISC-RT-000550 - The Cisco BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer.DISA STIG Cisco IOS Router RTR v3r1Cisco

ACCESS CONTROL

CISC-RT-000550 - The Cisco BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer.DISA STIG Cisco IOS XE Router RTR v3r1Cisco

ACCESS CONTROL

CISC-RT-000550 - The Cisco BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer.DISA STIG Cisco IOS-XR Router RTR v3r1Cisco

ACCESS CONTROL

CISC-RT-000550 - The Cisco BGP switch must be configured to reject route advertisements from CE switches with an originating AS in the AS_PATH attribute that does not belong to that customer.DISA STIG Cisco NX-OS Switch RTR v3r1Cisco

ACCESS CONTROL

CISC-RT-000550 - The Cisco BGP switch must be configured to reject route advertisements from CE switches with an originating AS in the AS_PATH attribute that does not belong to that customer.DISA STIG Cisco IOS XE Switch RTR v3r1Cisco

ACCESS CONTROL

GEN000000-AIX00020 - AIX Trusted Computing Base (TCB) software must be implemented.DISA STIG AIX 5.3 v1r2Unix

ACCESS CONTROL, SYSTEM AND SERVICES ACQUISITION

GEN000000-AIX00020 - AIX Trusted Computing Base (TCB) software must be implemented.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL, SYSTEM AND SERVICES ACQUISITION

GEN000000-AIX00040 - The securetcpip command must be usedDISA STIG AIX 5.3 v1r2Unix

ACCESS CONTROL

GEN000000-AIX00040 - The securetcpip command must be used - /etc/security/config has been configuredDISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN000000-AIX00040 - The securetcpip command must be used.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN000000-AIX0200 - The system must not allow directed broadcasts to gateway.DISA STIG AIX 5.3 v1r2Unix

ACCESS CONTROL

GEN000000-AIX0200 - The system must not allow directed broadcasts to gateway.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN000000-AIX0210 - The system must provide protection from Internet Control Message Protocol (ICMP) attacks on TCP connections.DISA STIG AIX 5.3 v1r2Unix

ACCESS CONTROL

GEN000000-AIX0210 - The system must provide protection from Internet Control Message Protocol (ICMP) attacks on TCP connections.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN000000-AIX0220 - The system must provide protection for the TCP stack against connection resets, SYN, and data injection attacks.DISA STIG AIX 5.3 v1r2Unix

ACCESS CONTROL

GEN000000-AIX0220 - The system must provide protection for the TCP stack against connection resets, SYN, and data injection attacks.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN000000-AIX0230 - The system must provide protection against IP fragmentation attacks.DISA STIG AIX 5.3 v1r2Unix

ACCESS CONTROL

GEN000000-AIX0230 - The system must provide protection against IP fragmentation attacks.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN000000-AIX0300 - The system must not have the bootp service active.DISA STIG AIX 5.3 v1r2Unix

ACCESS CONTROL

GEN000000-AIX0300 - The system must not have the bootp service active.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN000000-AIX0310 - The /etc/ftpaccess.ctl file must exist.DISA STIG AIX 5.3 v1r2Unix

ACCESS CONTROL

GEN000000-AIX0310 - The /etc/ftpaccess.ctl file must exist.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN000000-SOL00120 - The ASET master files must be located in the /usr/aset/masters directory - tune.highDISA STIG Solaris 10 SPARC v2r4Unix

ACCESS CONTROL

GEN000000-SOL00120 - The ASET master files must be located in the /usr/aset/masters directory - tune.lowDISA STIG Solaris 10 SPARC v2r4Unix

ACCESS CONTROL

GEN000000-SOL00120 - The ASET master files must be located in the /usr/aset/masters directory - tune.lowDISA STIG Solaris 10 X86 v2r4Unix

ACCESS CONTROL

GEN000000-SOL00120 - The ASET master files must be located in the /usr/aset/masters directory - tune.medDISA STIG Solaris 10 X86 v2r4Unix

ACCESS CONTROL

GEN000000-SOL00120 - The ASET master files must be located in the /usr/aset/masters directory - uid_aliasesDISA STIG Solaris 10 X86 v2r4Unix

ACCESS CONTROL

GEN000000-SOL00120 - The ASET master files must be located in the /usr/aset/masters directory - uid_aliasesDISA STIG Solaris 10 SPARC v2r4Unix

ACCESS CONTROL

GEN000000-SOL00140 - The /usr/aset/masters/uid_aliases must be empty.DISA STIG Solaris 10 SPARC v2r4Unix

ACCESS CONTROL

GEN000000-SOL00140 - The /usr/aset/masters/uid_aliases must be empty.DISA STIG Solaris 10 X86 v2r4Unix

ACCESS CONTROL

GEN000000-SOL00180 - The Solaris system Automated Security Enhancement Tool (ASET) configurable parameters in the asetenv file must be correct - ASET configurable parameters in the asetenv file must be correct.DISA STIG Solaris 10 SPARC v2r4Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN000000-SOL00200 - The asetenv file YPCHECK variable must be set to true when NIS+ is configured.DISA STIG Solaris 10 X86 v2r4Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN000000-SOL00200 - The asetenv file YPCHECK variable must be set to true when NIS+ is configured.DISA STIG Solaris 10 SPARC v2r4Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN000000-SOL00220 - The /usr/aset/userlist file must exist - /usr/aset/userlistDISA STIG Solaris 10 X86 v2r4Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN000000-SOL00420 - Hidden extended file attributes must not exist on the system.DISA STIG Solaris 10 X86 v2r4Unix

ACCESS CONTROL

GEN000000-SOL00420 - Hidden extended file attributes must not exist on the system.DISA STIG Solaris 10 SPARC v2r4Unix

ACCESS CONTROL

JUEX-RT-000060 - The Juniper BGP router must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute.DISA Juniper EX Series Router v2r1Juniper

ACCESS CONTROL

JUEX-RT-000100 - The Juniper router configured for BGP must reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer.DISA Juniper EX Series Router v2r1Juniper

ACCESS CONTROL

JUNI-RT-000530 - The Juniper BGP router must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute.DISA STIG Juniper Router RTR v3r1Juniper

ACCESS CONTROL

JUNI-RT-000535 - The Juniper BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer - as-pathDISA STIG Juniper Router RTR v3r1Juniper

ACCESS CONTROL

JUNI-RT-000535 - The Juniper BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer - bgp importDISA STIG Juniper Router RTR v3r1Juniper

ACCESS CONTROL