Detections
Analytics

CCI|CCI-001436

Title

The organization disables organization-defined networking protocols within the information system deemed to be nonsecure except for explicitly identified components in support of specific operational requirements.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
GEN003580 - The system must use initial TCP sequence numbers most resistant to sequence number guessing attacks.UnixDISA STIG AIX 5.3 v1r2
GEN003810 - The portmap or rpcbind service must not be running unless needed - 'portmap chkconfig'UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN003810 - The portmap or rpcbind service must not be running unless needed - 'portmap process'UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN003810 - The portmap or rpcbind service must not be running unless needed.UnixDISA STIG AIX 5.3 v1r2
GEN005260 - X Window System connections not required must be disabled.UnixDISA STIG for Oracle Linux 5 v2r1
GEN005260 - X Window System connections not required must be disabled.UnixDISA STIG AIX 6.1 v1r14
GEN005260 - X Window System connections not required must be disabled.UnixDISA STIG AIX 5.3 v1r2
GEN005260 - X Window System connections that are not required must be disabled.UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN005280 - The system must not have the UUCP service active.UnixDISA STIG for Oracle Linux 5 v2r1
GEN005280 - The system must not have the UUCP service active.UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN005280 - The system must not have the UUCP service active.UnixDISA STIG AIX 6.1 v1r14
GEN005280 - The system must not have the UUCP service active.UnixDISA STIG AIX 5.3 v1r2
GEN005500 - The SSH daemon must be configured to only use the SSHv2 protocol.UnixDISA STIG AIX 5.3 v1r2
GEN005500 - The SSH daemon must be configured to only use the SSHv2 protocol.UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN005500 - The SSH daemon must be configured to only use the SSHv2 protocol.UnixDISA STIG for Oracle Linux 5 v2r1
GEN005500 - The SSH daemon must be configured to only use the SSHv2 protocol.UnixDISA STIG AIX 6.1 v1r14
GEN005501 - The SSH client must be configured to only use the SSHv2 protocol.UnixDISA STIG AIX 5.3 v1r2
GEN005501 - The SSH client must be configured to only use the SSHv2 protocol.UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN005501 - The SSH client must be configured to only use the SSHv2 protocol.UnixDISA STIG for Oracle Linux 5 v2r1
GEN005501 - The SSH client must be configured to only use the SSHv2 protocol.UnixDISA STIG AIX 6.1 v1r14
GEN006040 - The system must not have any peer-to-peer file-sharing application installed.UnixDISA STIG for Oracle Linux 5 v2r1
GEN006040 - The system must not have any peer-to-peer file-sharing application installed.UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN006040 - The system must not have any peer-to-peer file-sharing application installed.UnixDISA STIG AIX 5.3 v1r2
GEN006040 - The system must not have any peer-to-peer file-sharing application installed.UnixDISA STIG AIX 6.1 v1r14
GEN006060 - The system must not run Samba unless needed.UnixDISA STIG for Oracle Linux 5 v2r1
GEN006060 - The system must not run Samba unless needed.UnixDISA STIG AIX 5.3 v1r2
GEN006060 - The system must not run Samba unless needed.UnixDISA STIG AIX 6.1 v1r14
GEN006060 - The system must not run the Samba service unless needed.UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN006080 - The Samba Web Administration Tool (SWAT) must be restricted to the local host or require SSL - '/etc/xinetd.d/swat'UnixDISA STIG for Oracle Linux 5 v2r1
GEN006080 - The Samba Web Administration Tool (SWAT) must be restricted to the local host or require SSL - '/etc/xinetd.d/swat'UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN006080 - The Samba Web Administration Tool (SWAT) must be restricted to the local host or require SSL - 'samba-swat'UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN006080 - The Samba Web Administration Tool (SWAT) must be restricted to the local host or require SSL - 'samba-swat'UnixDISA STIG for Oracle Linux 5 v2r1
GEN006080 - The Samba Web Administration Tool (SWAT) must be restricted to the local host or require SSL - 'samba3x-swat'UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN006080 - The Samba Web Administration Tool (SWAT) must be restricted to the local host or require SSL - 'samba3x-swat'UnixDISA STIG for Oracle Linux 5 v2r1
GEN006080 - The Samba Web Administration Tool (SWAT) must be restricted to the local host or require SSL.UnixDISA STIG AIX 5.3 v1r2
GEN006080 - The Samba Web Administration Tool (SWAT) must be restricted to the local host or require SSL.UnixDISA STIG AIX 6.1 v1r14
GEN006380 - The system must not use UDP for NIS/NIS+.UnixDISA STIG AIX 5.3 v1r2
GEN006380 - The system must not use UDP for NIS/NIS+.UnixDISA STIG for Oracle Linux 5 v2r1
GEN006380 - The system must not use UDP for NIS/NIS+.UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN006380 - The system must not use UDP for NIS/NIS+.UnixDISA STIG AIX 6.1 v1r14
GEN009140 - The system must not have the chargen service active.UnixDISA STIG AIX 6.1 v1r14
GEN009140 - The system must not have the chargen service active.UnixDISA STIG AIX 5.3 v1r2
GEN009160 - The system must not have the Calendar Manager Service Daemon (CMSD) service active.UnixDISA STIG AIX 5.3 v1r2
GEN009160 - The system must not have the Calendar Manager Service Daemon (CMSD) service active.UnixDISA STIG AIX 6.1 v1r14
GEN009180 - The system must not have the tool-talk database server (ttdbserver) service active.UnixDISA STIG AIX 6.1 v1r14
GEN009180 - The system must not have the tool-talk database server (ttdbserver) service active.UnixDISA STIG AIX 5.3 v1r2
GEN009190 - The system must not have the comsat service active.UnixDISA STIG AIX 5.3 v1r2
GEN009190 - The system must not have the comsat service active.UnixDISA STIG AIX 6.1 v1r14
GEN009200 - The system must not have the daytime service active.UnixDISA STIG AIX 5.3 v1r2
GEN009200 - The system must not have the daytime service active.UnixDISA STIG AIX 6.1 v1r14