Download
| Alert*
oval:org.secpod.oval:def:46228
The Set Lockout Time For Failed Password Attempts should be set correctly. oval:org.secpod.oval:def:46227 The pam_cracklib module checks the strength of passwords. It performs checks such as making sure a password is not a dictionary word, it is a certain length, contains a mix of characters (e.g. alphabet, numeric, other) and more. The following are definitions of the pam_cracklib.so options. * retr ... oval:org.secpod.oval:def:46249 The /etc/group file contains a list of all the valid groups defined in the system. The command below allows read/write access for root and read access for everyone else. oval:org.secpod.oval:def:46205 The kernel runtime parameter "net.ipv6.conf.default.accept_ra" should be set to "0". oval:org.secpod.oval:def:46279 Only SSH protocol version 2 connections should be permitted. oval:org.secpod.oval:def:46234 Root login via SSH should be disabled (and dependencies are met) oval:org.secpod.oval:def:46231 File permission for '/etc/ssh/sshd_config' is set to appropriate values. oval:org.secpod.oval:def:46239 The minimum password age policy should be set appropriately. oval:org.secpod.oval:def:46238 The maximum password age policy should meet minimum requirements. oval:org.secpod.oval:def:46245 This test makes sure that '/etc/shadow' file permission is setted as appropriate. If the target file or directory has an extended ACL then it will fail the mode check. oval:org.secpod.oval:def:46248 The /etc/shadow file contains the one-way cipher text passwords for each user defined in the /etc/passwd file. The command below sets the user and group ownership of the file to root. oval:org.secpod.oval:def:46247 The /etc/passwd file contains a list of all the valid userIDs defined in the system, but not the passwords. The command below sets the owner and group of the file to root. |