Download
| Alert*
oval:org.secpod.oval:def:26129
Specify Additional Remote NTP Servers (/etc/ntp.conf) should be configured appropriately. oval:org.secpod.oval:def:26107 Disable CGI Support (/etc/httpd/conf/httpd.conf) should be configured appropriately. oval:org.secpod.oval:def:26125 mod_ssl package installation should be configured appropriately. oval:org.secpod.oval:def:26113 Disable MIME Magic (/etc/httpd/conf/httpd.conf) should be configured appropriately. oval:org.secpod.oval:def:26132 System Audit Logs Must Have Mode 0640 or Less Permissive (/var/log/audit/*) should be configured appropriately. oval:org.secpod.oval:def:26106 Disable Avahi Publishing (/etc/avahi/avahi-daemon.conf) should be configured appropriately. oval:org.secpod.oval:def:25570 Configure Dovecot to Use the SSL Key file should be configured appropriately. oval:org.secpod.oval:def:26121 Disable Prelinking (/etc/sysconfig/prelink) should be configured appropriately. oval:org.secpod.oval:def:26105 Configure statd to use static port (/etc/sysconfig/nfs) should be configured appropriately. oval:org.secpod.oval:def:26116 Disable URL Correction on Misspelled Entries (/etc/httpd/conf/httpd.conf) should be configured appropriately. oval:org.secpod.oval:def:26111 Disable LDAP Support (/etc/httpd/conf/httpd.conf) should be configured appropriately. oval:org.secpod.oval:def:26103 Configure SNMP Service to Use Only SNMPv3 or Newer (/etc/snmp/snmpd.conf) should be configured appropriately. oval:org.secpod.oval:def:26128 Set Password to Maximum of Three Consecutive Repeating Characters should be configured appropriately. oval:org.secpod.oval:def:26117 Disable Web Server Configuration Display (/etc/httpd/conf/httpd.conf) should be configured appropriately. oval:org.secpod.oval:def:26109 Disable HTTP Digest Authentication (/etc/httpd/conf/httpd.conf) should be configured appropriately. oval:org.secpod.oval:def:26131 System Audit Logs Must Be Owned By Root (/var/log/*) should be configured appropriately. oval:org.secpod.oval:def:25571 Logging (/etc/rsyslog.conf) should be configured appropriately. oval:org.secpod.oval:def:26114 Disable Server Activity Status (/etc/httpd/conf/httpd.conf) should be configured appropriately. oval:org.secpod.oval:def:26127 Restrict Access to Anonymous Users should be configured appropriately. oval:org.secpod.oval:def:26112 Disable Logwatch on Clients if a Logserver Exists (/etc/cron.daily/0logwatch) should be configured appropriately. oval:org.secpod.oval:def:26118 Disable WebDAV (Distributed Authoring and Versioning) (/etc/httpd/conf/httpd.conf) should be configured appropriately. oval:org.secpod.oval:def:26110 Disable HTTP mod_rewrite (/etc/httpd/conf/httpd.conf) should be configured appropriately. oval:org.secpod.oval:def:25837 Configure Periodic Execution of AIDE (/etc/crontab) should be configured appropriately. oval:org.secpod.oval:def:26108 Disable Cache Support (/etc/httpd/conf/httpd.conf) should be configured appropriately. oval:org.secpod.oval:def:26126 Limit Users SSH Access should be configured appropriately. oval:org.secpod.oval:def:26104 Configure auditd to use audispd plugin (/etc/audisp/plugins.d/syslog.conf) should be configured appropriately. oval:org.secpod.oval:def:26115 Disable Server Side Includes (/etc/httpd/conf/httpd.conf) should be configured appropriately. oval:org.secpod.oval:def:26122 Ensure Default Password Is Not Used (/etc/snmp/snmpd.conf) should be configured appropriately. oval:org.secpod.oval:def:26123 Ensure Insecure File Locking is Not Allowed (/etc/exports) should be configured appropriately. oval:org.secpod.oval:def:26130 Specify UID and GID for Anonymous NFS Connections (/etc/exports) should be configured appropriately. oval:org.secpod.oval:def:26124 The mod_security package installation should be configured appropriately. oval:org.secpod.oval:def:20316 The /etc/group file should be owned by the appropriate group. oval:org.secpod.oval:def:20319 The /etc/shadow file should be owned by the appropriate user. oval:org.secpod.oval:def:20408 SSH's cryptographic host-based authentication is more secure than .rhosts authentication. However, it is not recommended that hosts unilaterally trust one another, even within an organization. oval:org.secpod.oval:def:20199 The SSH ClientAliveCountMax should be set to an appropriate value (and dependencies are met) oval:org.secpod.oval:def:20194 Record attempts to alter time through adjtimex. oval:org.secpod.oval:def:20291 This test makes sure that '/etc/passwd' has proper permission. If the target file or directory has an extended ACL then it will fail the mode check. oval:org.secpod.oval:def:20358 The minimum password age policy should be set appropriately. oval:org.secpod.oval:def:20235 The screen saver should be blank. oval:org.secpod.oval:def:20244 The kernel module jffs2 should be disabled. oval:org.secpod.oval:def:20223 Limit the ciphers to those which are FIPS-approved and only use ciphers in counter (CTR) mode. oval:org.secpod.oval:def:20351 The password minimum length should be set appropriately. oval:org.secpod.oval:def:20339 The maximum password age policy should meet minimum requirements. oval:org.secpod.oval:def:20334 The /etc/gshadow file should be owned by the appropriate group. oval:org.secpod.oval:def:20222 The kernel module freevxfs should be disabled. oval:org.secpod.oval:def:20328 The SELinux state should be enforcing the local policy. oval:org.secpod.oval:def:20206 The kernel module cramfs should be disabled. oval:org.secpod.oval:def:20202 The postfix service should be enabled if possible. oval:org.secpod.oval:def:20283 The /etc/passwd file should be owned by the appropriate group. oval:org.secpod.oval:def:20268 The /etc/group file should be owned by the appropriate user. oval:org.secpod.oval:def:20266 The rsyslog service should be enabled if possible. oval:org.secpod.oval:def:20368 The /etc/gshadow file should be owned by the appropriate user. oval:org.secpod.oval:def:20252 The gpgcheck option should be used to ensure that checking of an RPM package's signature always occurs prior to its installation. oval:org.secpod.oval:def:20515 The sysstat service should be disabled if possible. oval:org.secpod.oval:def:20516 The certmonger service should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20512 The saslauthd service should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20510 The rhsmcertd service should be disabled if possible. oval:org.secpod.oval:def:20519 The accounts should be configured to expire automatically following inactivity. oval:org.secpod.oval:def:20517 The '.rhosts' or 'hosts.equiv' files should exists or doesn't exists on the system. oval:org.secpod.oval:def:20518 The TFTP daemon should use secure mode. oval:org.secpod.oval:def:20505 The psacct service should be enabled if possible. oval:org.secpod.oval:def:20502 The portreserve service should be disabled if possible. oval:org.secpod.oval:def:20500 The oddjobd service should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20509 The rdisc service should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20506 The quota_nld service should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20317 The RPM package screen should be installed. oval:org.secpod.oval:def:20438 Directory permissions for /var/log/httpd should be set appropriately. oval:org.secpod.oval:def:20439 Disable Zeroconf automatic route assignment in the 169.254.0.0 subnet. oval:org.secpod.oval:def:20318 The RPM package tftp-server should be removed. oval:org.secpod.oval:def:20315 The Apache qpidd service should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20436 The squid service should be disabled if possible. oval:org.secpod.oval:def:20437 The lockd service should be configured to use a static port or a dynamic portmapper port for TCP as appropriate. oval:org.secpod.oval:def:20434 Plaintext authentication of mail clients should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20435 A warning banner for all FTP users should be enabled or disabled as appropriate oval:org.secpod.oval:def:20432 Logging of vsftpd transactions should be enabled or disabled as appropriate oval:org.secpod.oval:def:20311 The dovecot service should be disabled if possible. oval:org.secpod.oval:def:20312 The RPM package dovecot should be removed. oval:org.secpod.oval:def:20433 The Samba (SMB) service should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20441 Enable privacy extensions for IPv6 oval:org.secpod.oval:def:20320 The vsftpd service should be disabled if possible. oval:org.secpod.oval:def:20200 The password hashing algorithm should be set correctly in /etc/pam.d/system-auth. oval:org.secpod.oval:def:20442 The anacron service should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20440 The disable option will allow the IPv6 module to be inserted, but prevent address assignment and activation of the network stack. oval:org.secpod.oval:def:20427 The password retry should meet minimum requirements using pam_cracklib oval:org.secpod.oval:def:20306 The messagebus service should be disabled if possible. oval:org.secpod.oval:def:20428 Emulation of the rsh command through the ssh server should be disabled (and dependencies are met) oval:org.secpod.oval:def:20425 Restriction of NFS clients to privileged ports should be enabled or disabled as appropriate oval:org.secpod.oval:def:20304 The snmpd service should be disabled if possible. oval:org.secpod.oval:def:20426 The rpcsvcgssd service should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20544 The yum-updatesd service should be disabled oval:org.secpod.oval:def:20423 Checks /etc/inittab to ensure that default runlevel is set to 3. oval:org.secpod.oval:def:20303 The cups service should be disabled if possible. oval:org.secpod.oval:def:20424 The RPM package dhcpd should be removed. oval:org.secpod.oval:def:20421 The mountd service should be configured to use a static port or a dynamic portmapper port as appropriate oval:org.secpod.oval:def:20543 The RPM package openswan should be installed. oval:org.secpod.oval:def:20301 The ypbind service should be disabled if possible. oval:org.secpod.oval:def:20422 File uploads via vsftpd should be enabled or disabled as appropriate oval:org.secpod.oval:def:20308 The kernel runtime parameter "net.ipv4.conf.default.rp_filter" should be set to "1". oval:org.secpod.oval:def:20309 The default umask for users of the bash shell oval:org.secpod.oval:def:20430 The netfs service should be disabled if possible. oval:org.secpod.oval:def:20310 The SSH idle timeout interval should be set to an appropriate value. oval:org.secpod.oval:def:20431 Root squashing should be enabled or disabled as appropriate for all NFS shares. oval:org.secpod.oval:def:20537 max_log_file setting in /etc/audit/auditd.conf is set to at least a certain value oval:org.secpod.oval:def:20416 The CUPS print service can be configured to broadcast a list of available printers to the network. Other machines on the network, also running the CUPS print service, can be configured to listen to these broadcasts and add and configure these printers for immediate use. By disabling this browsing ca ... oval:org.secpod.oval:def:20417 The number of allowed failed logins should be set correctly. oval:org.secpod.oval:def:21745 The rsyslog to Accept Messages via UDP, if Acting As Log Server should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20414 DHCPDECLINE messages should be accepted or denied by the DHCP server as appropriate oval:org.secpod.oval:def:20535 The RPM package sendmail should be removed. oval:org.secpod.oval:def:20536 num_logs setting in /etc/audit/auditd.conf is set to at least a certain value oval:org.secpod.oval:def:20415 By default, locally configured printers will not be shared over the network, but if this functionality has somehow been enabled, these recommendations will disable it again. Be sure to disable outgoing printer list broadcasts, or remote users will still be able to see the locally configured printers ... oval:org.secpod.oval:def:20412 Root login via SSH should be disabled (and dependencies are met) oval:org.secpod.oval:def:20533 Directory permissions for /etc/httpd/conf/ should be set as appropriate. oval:org.secpod.oval:def:20534 Protect against unnecessary release of information. oval:org.secpod.oval:def:20413 The nfslock service should be disabled if possible. oval:org.secpod.oval:def:20531 Dovecot plaintext authentication of clients should be enabled or disabled as necessary oval:org.secpod.oval:def:20411 A remote NTP Server for time synchronization should be specified (and dependencies are met) oval:org.secpod.oval:def:20418 The SELinux state should be set appropriately. oval:org.secpod.oval:def:20539 SSL capabilities should be enabled for the mail server. oval:org.secpod.oval:def:20540 The apache2 server's ServerSignature value should be set appropriately. oval:org.secpod.oval:def:20420 SSH warning banner should be enabled (and dependencies are met). oval:org.secpod.oval:def:20541 The Avahi daemon should be configured to serve via Ipv6 or not as appropriate. oval:org.secpod.oval:def:20526 The kernel runtime parameter "kernel.dmesg_restrict" should be set to "1". oval:org.secpod.oval:def:20405 The haldaemon service should be disabled if possible. oval:org.secpod.oval:def:20406 The avahi-daemon service should be disabled if possible. oval:org.secpod.oval:def:20527 The apache2 server's ServerTokens value should be set appropriately oval:org.secpod.oval:def:20403 The bluetooth service should be disabled if possible. oval:org.secpod.oval:def:20524 Change the default policy to DROP (from ACCEPT) for the INPUT built-in chain (/etc/sysconfig/ip6tables). oval:org.secpod.oval:def:20525 Avahi should be configured to accept packets with a TTL field not equal to 255 or not as appropriate. oval:org.secpod.oval:def:20522 Avahi should be configured to allow other stacks from binding to port 5353 or not as appropriate. oval:org.secpod.oval:def:20401 BOOTP queries should be accepted or denied by the DHCP server as appropriate. oval:org.secpod.oval:def:20402 The RPM package ypserv should be removed. oval:org.secpod.oval:def:20523 The /etc/httpd/conf/* files should have the appropriate permissions. oval:org.secpod.oval:def:20520 Configure the system to notify users of last logon/access using pam_lastlog. oval:org.secpod.oval:def:20521 Avahi publishing of IP addresses should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20400 The httpd service should be disabled if possible. oval:org.secpod.oval:def:20409 The ntpd service should be enable or disable as appropriate. oval:org.secpod.oval:def:20528 The pcscd service should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20529 The HTTPD Proxy Module Support should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20530 The maximum number of concurrent login sessions per user should meet minimum requirements. oval:org.secpod.oval:def:20191 Idle activation of the screen lock should be enabled. oval:org.secpod.oval:def:20192 The kernel module rds should be disabled. oval:org.secpod.oval:def:20197 The sshd service should be disabled if possible. oval:org.secpod.oval:def:20196 Record Events that Modify the System's Discretionary Access Controls - chmod. The changing of file permissions and attributes should be audited. oval:org.secpod.oval:def:20289 The rlogin service should be disabled if possible. oval:org.secpod.oval:def:20290 The kernel runtime parameter "net.ipv4.ip_forward" should be set to "0". oval:org.secpod.oval:def:20298 Remote connections (SSH) from accounts with empty passwords should be disabled (and dependencies are met). oval:org.secpod.oval:def:20299 Logins through the Direct root Logins Not Allowed should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20296 The SELinux policy should be set appropriately. oval:org.secpod.oval:def:20297 The kernel runtime parameter "net.ipv4.icmp_echo_ignore_broadcasts" should be set to "1". oval:org.secpod.oval:def:20294 The RPM package bind should be removed. oval:org.secpod.oval:def:20295 The named service should be disabled if possible. oval:org.secpod.oval:def:20292 The rpcidmapd service should be disabled if possible. oval:org.secpod.oval:def:20359 The logrotate (syslog rotater) service should be enabled. oval:org.secpod.oval:def:20238 The network environment should not be modified by anything other than administrator action. Any change to network parameters should be audited. oval:org.secpod.oval:def:20239 Audit files deletion events. oval:org.secpod.oval:def:20478 The .netrc files contain login information used to auto-login into FTP servers and reside in the user's home directory. Any .netrc files should be removed. oval:org.secpod.oval:def:20237 Ensure all yum repositories utilize signature checking. oval:org.secpod.oval:def:20479 The password hashing algorithm should be set correctly in /etc/login.defs. oval:org.secpod.oval:def:20234 The password lcredit should meet minimum requirements using pam_cracklib oval:org.secpod.oval:def:20476 The number of allowed failed logins should be set correctly. oval:org.secpod.oval:def:20355 The ip6tables service should be enabled if possible. oval:org.secpod.oval:def:20477 The system's default desktop environment, GNOME, uses a number of different thumbnailer programs to generate thumbnails for any new or modified content in an opened folder. Disable the execution of these thumbnail applications within GNOME. oval:org.secpod.oval:def:20356 The kernel runtime parameter "kernel.exec-shield" should be set to "1". oval:org.secpod.oval:def:20243 The default umask for all users should be set correctly oval:org.secpod.oval:def:20485 The 'rsyslog' to Accept Messages via TCP, if Acting As Log Server should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20486 max_log_file_action setting in /etc/audit/auditd.conf is set to a certain action oval:org.secpod.oval:def:20362 Enable warning banner for GUI login oval:org.secpod.oval:def:20483 Manually configure addresses for IPv6 oval:org.secpod.oval:def:20241 Audit actions taken by system administrators on the system. oval:org.secpod.oval:def:20484 Define default gateways for IPv6 traffic oval:org.secpod.oval:def:20363 The iptables service should be enabled if possible. oval:org.secpod.oval:def:20242 Audit rules should detect modification to system files that hold information about users and groups. oval:org.secpod.oval:def:20481 The direct gnome login warning banner should be set correctly. oval:org.secpod.oval:def:20360 The kernel runtime parameter "net.ipv4.conf.default.accept_redirects" should be set to "0". oval:org.secpod.oval:def:20361 The kernel module usb-storage should be disabled. oval:org.secpod.oval:def:20482 The RPC IPv6 Support should be configured appropriately based rpc services. oval:org.secpod.oval:def:20240 Audit rules that detect changes to the system's mandatory access controls (SELinux) are enabled. oval:org.secpod.oval:def:20480 The password hashing algorithm should be set correctly in /etc/libuser.conf. oval:org.secpod.oval:def:20229 Audit rules should capture information about session initiation. oval:org.secpod.oval:def:20227 Idle activation of the screen saver should be enabled. oval:org.secpod.oval:def:20349 The kernel runtime parameter "kernel.randomize_va_space" should be set to "2". oval:org.secpod.oval:def:20228 The password ucredit should meet minimum requirements using pam_cracklib oval:org.secpod.oval:def:20346 The kernel runtime parameter "net.ipv4.icmp_ignore_bogus_error_responses" should be set to "1". oval:org.secpod.oval:def:20225 Audit rules that detect the mounting of filesystems should be enabled. oval:org.secpod.oval:def:20467 The mdmonitor service should be disabled if possible. oval:org.secpod.oval:def:20468 Enable the GUI warning banner. oval:org.secpod.oval:def:20347 The rsh service should be disabled if possible. oval:org.secpod.oval:def:20345 This test makes sure that '/etc/shadow' file permission is setted as appropriate. If the target file or directory has an extended ACL then it will fail the mode check. oval:org.secpod.oval:def:20232 The password difok should meet minimum requirements using pam_cracklib oval:org.secpod.oval:def:20474 Record attempts to alter time through settimeofday. oval:org.secpod.oval:def:20353 The RPM package xinetd should be removed. oval:org.secpod.oval:def:20475 The rexec service should be disabled if possible. oval:org.secpod.oval:def:20230 The audit rules should be configured to log information about kernel module loading and unloading. oval:org.secpod.oval:def:20472 The nfs service should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20352 The kernel runtime parameter "net.ipv4.conf.all.send_redirects" should be set to "0". oval:org.secpod.oval:def:20231 Force a reboot to change audit rules is enabled oval:org.secpod.oval:def:20473 PermitUserEnvironment should be disabled oval:org.secpod.oval:def:20470 Test if HostLimit line in logwatch.conf is set appropriately. On a central logserver, you want Logwatch to summarize all syslog entries, including those which did not originate on the logserver itself. The HostLimit setting tells Logwatch to report on all hosts, not just the one on which it is runni ... oval:org.secpod.oval:def:20350 The kernel runtime parameter "net.ipv4.conf.default.send_redirects" should be set to "0". oval:org.secpod.oval:def:20337 The kernel runtime parameter "net.ipv4.conf.all.rp_filter" should be set to "1". oval:org.secpod.oval:def:20216 The kernel module dccp should be disabled. oval:org.secpod.oval:def:20458 The changing of file permissions and attributes should be audited. oval:org.secpod.oval:def:20338 The Kernel Parameter for Accepting Source-Routed Packets By Default should be enabled or disabled as appropriate. The kernel runtime parameter "net.ipv4.conf.default.accept_source_route" should be set to "0". oval:org.secpod.oval:def:20217 Audit rules about the Information on the Use of Privileged Commands are enabled oval:org.secpod.oval:def:20459 The changing of file permissions and attributes should be audited. oval:org.secpod.oval:def:20335 The autofs service should be disabled if possible. oval:org.secpod.oval:def:20456 The changing of file permissions and attributes should be audited. oval:org.secpod.oval:def:20215 Change the default policy to DROP (from ACCEPT) for the INPUT built-in chain (/etc/sysconfig/iptables). oval:org.secpod.oval:def:20457 The changing of file permissions and attributes should be audited. oval:org.secpod.oval:def:20336 The RPM package squid should be removed. oval:org.secpod.oval:def:20333 The system login banner text should be set correctly. oval:org.secpod.oval:def:20212 The kernel module sctp should be disabled. oval:org.secpod.oval:def:20454 The changing of file permissions and attributes should be audited. oval:org.secpod.oval:def:20455 The changing of file permissions and attributes should be audited. oval:org.secpod.oval:def:20343 The restorecond service should be enabled if possible. oval:org.secpod.oval:def:20464 Require the use of TLS for ldap clients. oval:org.secpod.oval:def:20340 The password warning age should be set appropriately. oval:org.secpod.oval:def:20461 The changing of file permissions and attributes should be audited. oval:org.secpod.oval:def:20462 IP forwarding should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20341 The irqbalance service should be enabled if possible. oval:org.secpod.oval:def:20460 The changing of file permissions and attributes should be audited. oval:org.secpod.oval:def:20207 The kernel module hfsplus should be disabled. oval:org.secpod.oval:def:20449 Record attempts to alter time through /etc/localtime oval:org.secpod.oval:def:20208 The default umask for all users specified in /etc/login.defs oval:org.secpod.oval:def:20326 The root account is the only system account that should have a login shell. oval:org.secpod.oval:def:20447 Record attempts to alter time through stime, note that this is only relevant on 32bit architecture. oval:org.secpod.oval:def:20205 The RPM package net-snmp should be removed. oval:org.secpod.oval:def:20327 The '/etc/shadow' file should be owned by the appropriate group. oval:org.secpod.oval:def:20448 Record attempts to alter time through clock_settime. oval:org.secpod.oval:def:20324 File permissions for '/etc/group' should be set correctly. oval:org.secpod.oval:def:20445 The kernel runtime parameter "net.ipv6.conf.default.accept_ra" should be set to "0". oval:org.secpod.oval:def:20203 Require samba clients which use smb.conf, such as smbclient, to use packet signing. A Samba client should only communicate with servers who can support SMB packet signing. oval:org.secpod.oval:def:20446 The kernel runtime parameter "net.ipv6.conf.default.accept_redirects" should be set to "0". oval:org.secpod.oval:def:20322 This test makes sure that '/etc/gshadow' is setted appropriate permission. If the target file or directory has an extended ACL then it will fail the mode check. oval:org.secpod.oval:def:20443 Global IPv6 initialization should be disabled. oval:org.secpod.oval:def:20323 The /etc/passwd file should be owned by the appropriate user. oval:org.secpod.oval:def:20444 Systems that are using the 64-bit x86 kernel package do not need to install the kernel-PAE package because the 64-bit x86 kernel already includes this support. However, if the system is 32-bit and also supports the PAE and NX features as determined in the previous section, the kernel-PAE package sho ... oval:org.secpod.oval:def:20209 The password dcredit should meet minimum requirements using pam_cracklib oval:org.secpod.oval:def:20210 The squashfs Kernel Module should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20452 The changing of file permissions and attributes should be audited. oval:org.secpod.oval:def:20211 The password ocredit should meet minimum requirements using pam_cracklib oval:org.secpod.oval:def:20453 The changing of file permissions and attributes should be audited. oval:org.secpod.oval:def:20332 The cpuspeed service should be disabled if possible. oval:org.secpod.oval:def:20450 The changing of file permissions and attributes should be audited. oval:org.secpod.oval:def:20451 The changing of file permissions and attributes should be audited. oval:org.secpod.oval:def:20399 The RPM package httpd should be removed. oval:org.secpod.oval:def:20280 The smartd service should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20287 The rpcgssd service should be disabled if possible. oval:org.secpod.oval:def:20288 The RPM package rsh-server should be removed. oval:org.secpod.oval:def:20284 The RPM package openldap-servers should be removed. oval:org.secpod.oval:def:20281 The kernel runtime parameter "net.ipv4.conf.all.secure_redirects" should be set to "0". oval:org.secpod.oval:def:20282 Preventing direct root login to virtual console devices helps ensure accountability for actions taken on the system using the root account. oval:org.secpod.oval:def:20389 If inbound SSH access is not needed, the firewall should disallow or reject access to the SSH port (22). oval:org.secpod.oval:def:20390 The acpid service should be disabled if possible. oval:org.secpod.oval:def:20397 The dhcpd service should be disabled if possible. oval:org.secpod.oval:def:20277 The kdump service should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20274 The number of allowed failed logins should be set correctly. oval:org.secpod.oval:def:20395 The crond service should be enabled if possible. oval:org.secpod.oval:def:20275 The rhnsd service should be disabled if possible. oval:org.secpod.oval:def:20396 Only SSH protocol version 2 connections should be permitted. oval:org.secpod.oval:def:20393 Check if SplitHosts line in logwatch.conf is set appropriately. oval:org.secpod.oval:def:20272 The RPM package telnet-server should be removed. oval:org.secpod.oval:def:20273 The telnet service should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20270 The allowed period of inactivity before the screensaver is activated. oval:org.secpod.oval:def:20391 The lockd service should be configured to use a static port or a dynamic portmapper port for UDP as appropriate. oval:org.secpod.oval:def:20392 The kernel runtime parameter "net.ipv4.conf.all.log_martians" should be set to "1". oval:org.secpod.oval:def:20271 The kernel runtime parameter "net.ipv4.conf.default.secure_redirects" should be set to "0". oval:org.secpod.oval:def:20379 The kernel runtime parameter "fs.suid_dumpable" should be set to "0". oval:org.secpod.oval:def:20259 Postfix network listening should be disabled oval:org.secpod.oval:def:20377 The requirement for a password to boot into single-user mode should be configured correctly. oval:org.secpod.oval:def:20498 The ntpdate service should be disabled if possible. oval:org.secpod.oval:def:20378 The ability for users to perform interactive startups should be disabled. oval:org.secpod.oval:def:20257 The kernel module bluetooth should be disabled. oval:org.secpod.oval:def:20265 The RPM package rsyslog should be installed. oval:org.secpod.oval:def:20387 The auditd service should be enabled if possible. oval:org.secpod.oval:def:20263 Syslog logs should be sent to a remote loghost oval:org.secpod.oval:def:20384 The tftp service should be disabled if possible. oval:org.secpod.oval:def:20264 rsyslogd should reject remote messages oval:org.secpod.oval:def:20382 The dynamic DNS feature of the DHCP server should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20262 The kernel module hfs should be disabled. oval:org.secpod.oval:def:20383 The kernel runtime parameter "net.ipv4.tcp_syncookies" should be set to "1". oval:org.secpod.oval:def:20380 The xinetd service should be disabled if possible. oval:org.secpod.oval:def:20381 Preventing direct root login to serial port interfaces helps ensure accountability for actions taken on the system using the root account. oval:org.secpod.oval:def:20489 action_mail_acct setting in /etc/audit/auditd.conf is set to a certain account oval:org.secpod.oval:def:20247 Require the use of TLS for ldap clients. oval:org.secpod.oval:def:20369 The kernel runtime parameter "net.ipv4.conf.all.accept_redirects" should be set to "0". oval:org.secpod.oval:def:20245 The kernel module udf should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20487 space_left_action setting in /etc/audit/auditd.conf is set to a certain action oval:org.secpod.oval:def:20367 The RPM package aide should be installed. oval:org.secpod.oval:def:20488 admin_space_left_action setting in /etc/audit/auditd.conf is set to a certain action oval:org.secpod.oval:def:20246 The RPM package vsftpd should be removed. oval:org.secpod.oval:def:20375 The kernel runtime parameter "net.ipv4.conf.all.accept_source_route" should be set to "0". oval:org.secpod.oval:def:20496 The cgred service should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20376 The file /etc/pam.d/system-auth should not contain the nullok option oval:org.secpod.oval:def:20255 The passwords to remember should be set correctly. oval:org.secpod.oval:def:20497 The netconsole service should be enabled or disabled as appropriate. oval:org.secpod.oval:def:20373 The default umask for users of the csh shell oval:org.secpod.oval:def:20494 The cgconfig service should be disabled if possible. oval:org.secpod.oval:def:20374 The system's default desktop environment, GNOME, will mount devices and removable media (such as DVDs, CDs and USB flash drives) whenever they are inserted into the system. Disable automount and autorun within GNOME. oval:org.secpod.oval:def:20253 Audit rules about the Unauthorized Access Attempts to Files (unsuccessful) are enabled oval:org.secpod.oval:def:20250 Audit rules should be configured to log successful and unsuccessful logon and logout events. oval:org.secpod.oval:def:20372 Core dumps for all users should be disabled oval:org.secpod.oval:def:20251 The kernel module tipc should be disabled. oval:org.secpod.oval:def:20493 The atd service should be disabled if possible. oval:org.secpod.oval:def:20490 The abrtd service should be disabled if possible. oval:org.secpod.oval:def:20370 The daemon umask should be set as appropriate |