[Forgot Password]
Login  Register Subscribe

23631

 
 

117687

 
 

98250

 
 

909

 
 

79198

 
 

109

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:20515
The sysstat service should be disabled if possible.

oval:org.secpod.oval:def:20516
The certmonger service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20512
The saslauthd service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20510
The rhsmcertd service should be disabled if possible.

oval:org.secpod.oval:def:20519
The accounts should be configured to expire automatically following password expiration.

oval:org.secpod.oval:def:20517
The '.rhosts' or 'hosts.equiv' files should exists or doesn't exists on the system.

oval:org.secpod.oval:def:20518
The TFTP daemon should use secure mode.

oval:org.secpod.oval:def:20505
The psacct service should be enabled if possible.

oval:org.secpod.oval:def:20502
The portreserve service should be disabled if possible.

oval:org.secpod.oval:def:20500
The oddjobd service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20509
The rdisc service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20506
The quota_nld service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20317
The RPM package screen should be installed.

oval:org.secpod.oval:def:20438
Directory permissions for /var/log/httpd should be set appropriately.

oval:org.secpod.oval:def:20439
Disable Zeroconf automatic route assignment in the 169.254.0.0 subnet.

oval:org.secpod.oval:def:20318
The RPM package tftp-server should be removed.

oval:org.secpod.oval:def:20315
The Apache qpidd service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20436
The squid service should be disabled if possible.

oval:org.secpod.oval:def:20316
The /etc/group file should be owned by the appropriate group.

oval:org.secpod.oval:def:20437
The lockd service should be configured to use a static port or a dynamic portmapper port for TCP as appropriate.

oval:org.secpod.oval:def:20313
Configure the system boot firmware (historically called BIOS on PC systems) to disallow booting from USB drives

oval:org.secpod.oval:def:20434
Plaintext authentication of mail clients should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20435
A warning banner for all FTP users should be enabled or disabled as appropriate

oval:org.secpod.oval:def:20432
Logging of vsftpd transactions should be enabled or disabled as appropriate

oval:org.secpod.oval:def:20311
The dovecot service should be disabled if possible.

oval:org.secpod.oval:def:20312
The RPM package dovecot should be removed.

oval:org.secpod.oval:def:20433
The Samba (SMB) service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20319
The /etc/shadow file should be owned by the appropriate user.

oval:org.secpod.oval:def:20441
Enable privacy extensions for IPv6

oval:org.secpod.oval:def:20320
The vsftpd service should be disabled if possible.

oval:org.secpod.oval:def:20200
The password hashing algorithm should be set correctly in /etc/pam.d/system-auth.

oval:org.secpod.oval:def:20321
File permissions for '/boot/grub/grub.conf' should be set appropriate.

oval:org.secpod.oval:def:20442
The anacron service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20440
The disable option will allow the IPv6 module to be inserted, but prevent address assignment and activation of the network stack.

oval:org.secpod.oval:def:20427
The password retry should meet minimum requirements using pam_cracklib

oval:org.secpod.oval:def:20306
The messagebus service should be disabled if possible.

oval:org.secpod.oval:def:20428
Emulation of the rsh command through the ssh server should be disabled (and dependencies are met)

oval:org.secpod.oval:def:20425
Restriction of NFS clients to privileged ports should be enabled or disabled as appropriate

oval:org.secpod.oval:def:20304
The snmpd service should be disabled if possible.

oval:org.secpod.oval:def:20305
The grub boot loader should have password protection enabled.

oval:org.secpod.oval:def:20426
The rpcsvcgssd service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20544
The yum-updatesd service should be disabled

oval:org.secpod.oval:def:20423
Checks /etc/inittab to ensure that default runlevel is set to 3.

oval:org.secpod.oval:def:20303
The cups service should be disabled if possible.

oval:org.secpod.oval:def:20424
The RPM package dhcpd should be removed.

oval:org.secpod.oval:def:20542
File permissions for /bin, /usr/bin, /usr/local/bin, /sbin, /usr/sbin and /usr/local/sbin should be set correctly.

oval:org.secpod.oval:def:20421
The mountd service should be configured to use a static port or a dynamic portmapper port as appropriate

oval:org.secpod.oval:def:20543
The RPM package openswan should be installed.

oval:org.secpod.oval:def:20301
The ypbind service should be disabled if possible.

oval:org.secpod.oval:def:20422
File uploads via vsftpd should be enabled or disabled as appropriate

oval:org.secpod.oval:def:20429
The PATH variable should be set correctly for user root

oval:org.secpod.oval:def:20308
The kernel runtime parameter "net.ipv4.conf.default.rp_filter" should be set to "1".

oval:org.secpod.oval:def:20309
The default umask for users of the bash shell

oval:org.secpod.oval:def:20430
The netfs service should be disabled if possible.

oval:org.secpod.oval:def:20310
The SSH idle timeout interval should be set to an appropriate value.

oval:org.secpod.oval:def:20431
Root squashing should be enabled or disabled as appropriate for all NFS shares.

oval:org.secpod.oval:def:20537
max_log_file setting in /etc/audit/auditd.conf is set to at least a certain value

oval:org.secpod.oval:def:20416
The CUPS print service can be configured to broadcast a list of available printers to the network. Other machines on the network, also running the CUPS print service, can be configured to listen to these broadcasts and add and configure these printers for immediate use. By disabling this browsing ca ...

oval:org.secpod.oval:def:20417
The number of allowed failed logins should be set correctly.

oval:org.secpod.oval:def:20538
Ctrl-Alt-Del Reboot Activation should be set as appropriate.

oval:org.secpod.oval:def:21745
The rsyslog to Accept Messages via UDP, if Acting As Log Server should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20414
DHCPDECLINE messages should be accepted or denied by the DHCP server as appropriate

oval:org.secpod.oval:def:20535
The RPM package sendmail should be removed.

oval:org.secpod.oval:def:20536
num_logs setting in /etc/audit/auditd.conf is set to at least a certain value

oval:org.secpod.oval:def:20415
By default, locally configured printers will not be shared over the network, but if this functionality has somehow been enabled, these recommendations will disable it again. Be sure to disable outgoing printer list broadcasts, or remote users will still be able to see the locally configured printers ...

oval:org.secpod.oval:def:20412
Root login via SSH should be disabled (and dependencies are met)

oval:org.secpod.oval:def:20533
Directory permissions for /etc/httpd/conf/ should be set as appropriate.

oval:org.secpod.oval:def:20534
Protect against unnecessary release of information.

oval:org.secpod.oval:def:20413
The nfslock service should be disabled if possible.

oval:org.secpod.oval:def:20531
Dovecot plaintext authentication of clients should be enabled or disabled as necessary

oval:org.secpod.oval:def:20532
In the event temporary or emergency accounts are required, configure the system to terminate them after a documented time period.

oval:org.secpod.oval:def:20411
A remote NTP Server for time synchronization should be specified (and dependencies are met)

oval:org.secpod.oval:def:20418
The SELinux state should be set appropriately.

oval:org.secpod.oval:def:20539
SSL capabilities should be enabled for the mail server.

oval:org.secpod.oval:def:20540
The apache2 server's ServerSignature value should be set appropriately.

oval:org.secpod.oval:def:20420
SSH warning banner should be enabled (and dependencies are met).

oval:org.secpod.oval:def:20541
The Avahi daemon should be configured to serve via Ipv6 or not as appropriate.

oval:org.secpod.oval:def:20526
The kernel runtime parameter "kernel.dmesg_restrict" should be set to "1".

oval:org.secpod.oval:def:20405
The haldaemon service should be disabled if possible.

oval:org.secpod.oval:def:20406
The avahi-daemon service should be disabled if possible.

oval:org.secpod.oval:def:20527
The apache2 server's ServerTokens value should be set appropriately

oval:org.secpod.oval:def:20403
The bluetooth service should be disabled if possible.

oval:org.secpod.oval:def:20524
Change the default policy to DROP (from ACCEPT) for the INPUT built-in chain (/etc/sysconfig/ip6tables).

oval:org.secpod.oval:def:20525
Avahi should be configured to accept packets with a TTL field not equal to 255 or not as appropriate.

oval:org.secpod.oval:def:20522
Avahi should be configured to allow other stacks from binding to port 5353 or not as appropriate.

oval:org.secpod.oval:def:20401
BOOTP queries should be accepted or denied by the DHCP server as appropriate.

oval:org.secpod.oval:def:20402
The RPM package ypserv should be removed.

oval:org.secpod.oval:def:20523
The /etc/httpd/conf/* files should have the appropriate permissions.

oval:org.secpod.oval:def:20520
Configure the system to notify users of last logon/access using pam_lastlog.

oval:org.secpod.oval:def:20521
Avahi publishing of IP addresses should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20400
The httpd service should be disabled if possible.

oval:org.secpod.oval:def:20409
The ntpd service should be enable or disable as appropriate.

oval:org.secpod.oval:def:20528
The pcscd service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20407
The nodev option should be enabled for all NFS mounts in /etc/fstab.

oval:org.secpod.oval:def:20408
SSH's cryptographic host-based authentication is more secure than .rhosts authentication. However, it is not recommended that hosts unilaterally trust one another, even within an organization.

oval:org.secpod.oval:def:20529
The HTTPD Proxy Module Support should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20530
The maximum number of concurrent login sessions per user should meet minimum requirements.

oval:org.secpod.oval:def:26103
Configure SNMP Service to Use Only SNMPv3 or Newer (/etc/snmp/snmpd.conf) should be configured appropriately.

oval:org.secpod.oval:def:26105
Configure statd to use static port (/etc/sysconfig/nfs) should be configured appropriately.

oval:org.secpod.oval:def:26104
Configure auditd to use audispd plugin (/etc/audisp/plugins.d/syslog.conf) should be configured appropriately.

oval:org.secpod.oval:def:26107
Disable CGI Support (/etc/httpd/conf/httpd.conf) should be configured appropriately.

oval:org.secpod.oval:def:26106
Disable Avahi Publishing (/etc/avahi/avahi-daemon.conf) should be configured appropriately.

oval:org.secpod.oval:def:26134
Verify that Shared Library Files Have Root Ownership (/lib, /lib64, /usr/lib or /usr/lib64) should be configured appropriately.

oval:org.secpod.oval:def:26133
Verify that Shared Library Files Have Restrictive Permissions (/lib, /lib64, /usr/lib or /usr/lib64) should be configured appropriately.

oval:org.secpod.oval:def:26135
Verify that System Executables Have Restrictive Permissions (/bin, /usr/bin, /usr/local/bin, /sbin, /usr/sbin or /usr/local/sbin) should be configured appropriately.

oval:org.secpod.oval:def:26130
Specify UID and GID for Anonymous NFS Connections (/etc/exports) should be configured appropriately.

oval:org.secpod.oval:def:26132
System Audit Logs Must Have Mode 0640 or Less Permissive (/var/log/audit/*) should be configured appropriately.

oval:org.secpod.oval:def:26131
System Audit Logs Must Be Owned By Root (/var/log/*) should be configured appropriately.

oval:org.secpod.oval:def:26119
Restrict Root Directory (/etc/httpd/conf/httpd.conf) should be configured appropriately.

oval:org.secpod.oval:def:26123
Ensure Insecure File Locking is Not Allowed (/etc/exports) should be configured appropriately.

oval:org.secpod.oval:def:26122
Ensure Default Password Is Not Used (/etc/snmp/snmpd.conf) should be configured appropriately.

oval:org.secpod.oval:def:26125
mod_ssl package installation should be configured appropriately.

oval:org.secpod.oval:def:26124
The mod_security package installation should be configured appropriately.

oval:org.secpod.oval:def:26127
Restrict Access to Anonymous Users should be configured appropriately.

oval:org.secpod.oval:def:26126
Limit Users SSH Access should be configured appropriately.

oval:org.secpod.oval:def:26129
Specify Additional Remote NTP Servers (/etc/ntp.conf) should be configured appropriately.

oval:org.secpod.oval:def:26128
Set Password to Maximum of Three Consecutive Repeating Characters should be configured appropriately.

oval:org.secpod.oval:def:26121
Disable Prelinking (/etc/sysconfig/prelink) should be configured appropriately.

oval:org.secpod.oval:def:26120
Restrict Web Directory (/etc/httpd/conf/httpd.conf) should be configured appropriately.

oval:org.secpod.oval:def:26109
Disable HTTP Digest Authentication (/etc/httpd/conf/httpd.conf) should be configured appropriately.

oval:org.secpod.oval:def:26108
Disable Cache Support (/etc/httpd/conf/httpd.conf) should be configured appropriately.

oval:org.secpod.oval:def:26112
Disable Logwatch on Clients if a Logserver Exists (/etc/cron.daily/0logwatch) should be configured appropriately.

oval:org.secpod.oval:def:26111
Disable LDAP Support (/etc/httpd/conf/httpd.conf) should be configured appropriately.

oval:org.secpod.oval:def:26114
Disable Server Activity Status (/etc/httpd/conf/httpd.conf) should be configured appropriately.

oval:org.secpod.oval:def:26113
Disable MIME Magic (/etc/httpd/conf/httpd.conf) should be configured appropriately.

oval:org.secpod.oval:def:26116
Disable URL Correction on Misspelled Entries (/etc/httpd/conf/httpd.conf) should be configured appropriately.

oval:org.secpod.oval:def:26115
Disable Server Side Includes (/etc/httpd/conf/httpd.conf) should be configured appropriately.

oval:org.secpod.oval:def:26118
Disable WebDAV (Distributed Authoring and Versioning) (/etc/httpd/conf/httpd.conf) should be configured appropriately.

oval:org.secpod.oval:def:26117
Disable Web Server Configuration Display (/etc/httpd/conf/httpd.conf) should be configured appropriately.

oval:org.secpod.oval:def:26110
Disable HTTP mod_rewrite (/etc/httpd/conf/httpd.conf) should be configured appropriately.

oval:org.secpod.oval:def:20191
Idle activation of the screen lock should be enabled.

oval:org.secpod.oval:def:20192
The kernel module rds should be disabled.

oval:org.secpod.oval:def:20190
System logs are stored in the /var/log directory. Ensure that it has its own partition or logical volume.

oval:org.secpod.oval:def:20199
The SSH ClientAliveCountMax should be set to an appropriate value (and dependencies are met)

oval:org.secpod.oval:def:20197
The sshd service should be disabled if possible.

oval:org.secpod.oval:def:20196
Record Events that Modify the System's Discretionary Access Controls - chmod. The changing of file permissions and attributes should be audited.

oval:org.secpod.oval:def:20194
Record attempts to alter time through adjtimex.

oval:org.secpod.oval:def:20289
The rlogin service should be disabled if possible.

oval:org.secpod.oval:def:20290
The kernel runtime parameter "net.ipv4.ip_forward" should be set to "0".

oval:org.secpod.oval:def:20291
This test makes sure that '/etc/passwd' has proper permission. If the target file or directory has an extended ACL then it will fail the mode check.

oval:org.secpod.oval:def:20298
Remote connections (SSH) from accounts with empty passwords should be disabled (and dependencies are met).

oval:org.secpod.oval:def:20299
Logins through the Direct root Logins Not Allowed should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20296
The SELinux policy should be set appropriately.

oval:org.secpod.oval:def:20297
The kernel runtime parameter "net.ipv4.icmp_echo_ignore_broadcasts" should be set to "1".

oval:org.secpod.oval:def:20294
The RPM package bind should be removed.

oval:org.secpod.oval:def:20295
The named service should be disabled if possible.

oval:org.secpod.oval:def:20292
The rpcidmapd service should be disabled if possible.

oval:org.secpod.oval:def:20293
All files should be owned by a group

oval:org.secpod.oval:def:20359
The logrotate (syslog rotater) service should be enabled.

oval:org.secpod.oval:def:20238
The network environment should not be modified by anything other than administrator action. Any change to network parameters should be audited.

oval:org.secpod.oval:def:20239
Audit files deletion events.

oval:org.secpod.oval:def:20236
Ensuring that /var is mounted on its own partition enables the setting of more restrictive mount options, which is used as temporary storage by many program, particularly system services such as daemons. It is not uncommon for the /var directory to contain world-writable directories, installed by ot ...

oval:org.secpod.oval:def:20357
Look for argument "nousb" in the kernel line in /etc/grub.conf

oval:org.secpod.oval:def:20478
The .netrc files contain login information used to auto-login into FTP servers and reside in the user's home directory. Any .netrc files should be removed.

oval:org.secpod.oval:def:20237
Ensure all yum repositories utilize signature checking.

oval:org.secpod.oval:def:20358
The minimum password age policy should be set appropriately.

oval:org.secpod.oval:def:20479
The password hashing algorithm should be set correctly in /etc/login.defs.

oval:org.secpod.oval:def:20234
The password lcredit should meet minimum requirements using pam_cracklib

oval:org.secpod.oval:def:20476
The number of allowed failed logins should be set correctly.

oval:org.secpod.oval:def:20355
The ip6tables service should be enabled if possible.

oval:org.secpod.oval:def:20477
The system's default desktop environment, GNOME, uses a number of different thumbnailer programs to generate thumbnails for any new or modified content in an opened folder. Disable the execution of these thumbnail applications within GNOME.

oval:org.secpod.oval:def:20356
The kernel runtime parameter "kernel.exec-shield" should be set to "1".

oval:org.secpod.oval:def:20235
The screen saver should be blank.

oval:org.secpod.oval:def:20243
The default umask for all users should be set correctly

oval:org.secpod.oval:def:20485
The 'rsyslog' to Accept Messages via TCP, if Acting As Log Server should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20244
The kernel module jffs2 should be disabled.

oval:org.secpod.oval:def:20486
max_log_file_action setting in /etc/audit/auditd.conf is set to a certain action

oval:org.secpod.oval:def:20365
DHCP configuration should be static for all interfaces.

oval:org.secpod.oval:def:20362
Enable warning banner for GUI login

oval:org.secpod.oval:def:20483
Manually configure addresses for IPv6

oval:org.secpod.oval:def:20241
Audit actions taken by system administrators on the system.

oval:org.secpod.oval:def:20484
Define default gateways for IPv6 traffic

oval:org.secpod.oval:def:20363
The iptables service should be enabled if possible.

oval:org.secpod.oval:def:20242
Audit rules should detect modification to system files that hold information about users and groups.

oval:org.secpod.oval:def:20481
The direct gnome login warning banner should be set correctly.

oval:org.secpod.oval:def:20360
The kernel runtime parameter "net.ipv4.conf.default.accept_redirects" should be set to "0".

oval:org.secpod.oval:def:20361
The kernel module usb-storage should be disabled.

oval:org.secpod.oval:def:20482
The RPC IPv6 Support should be configured appropriately based rpc services.

oval:org.secpod.oval:def:20240
Audit rules that detect changes to the system's mandatory access controls (SELinux) are enabled.

oval:org.secpod.oval:def:20480
The password hashing algorithm should be set correctly in /etc/libuser.conf.

oval:org.secpod.oval:def:20229
Audit rules should capture information about session initiation.

oval:org.secpod.oval:def:20469
The noexec mount option prevents the direct execution of binaries on the mounted filesystem. Users should not be allowed to execute binaries that exist on partitions mounted from removable media (such as a USB key). The noexec option prevents code from being executed directly from the media itself, ...

oval:org.secpod.oval:def:20348
The 'grub.conf' file should be owned by appropriate user. By default, this file is located at /boot/grub/grub.conf or, for EFI systems, at /etc/grub.conf.

oval:org.secpod.oval:def:20227
Idle activation of the screen saver should be enabled.

oval:org.secpod.oval:def:20349
The kernel runtime parameter "kernel.randomize_va_space" should be set to "2".

oval:org.secpod.oval:def:20228
The password ucredit should meet minimum requirements using pam_cracklib

oval:org.secpod.oval:def:20346
The kernel runtime parameter "net.ipv4.icmp_ignore_bogus_error_responses" should be set to "1".

oval:org.secpod.oval:def:20225
Audit rules that detect the mounting of filesystems should be enabled.

oval:org.secpod.oval:def:20467
The mdmonitor service should be disabled if possible.

oval:org.secpod.oval:def:20226
The /var/tmp directory should be bind mounted to /tmp in order to consolidate temporary storage into one location protected by the same techniques as /tmp.

oval:org.secpod.oval:def:20468
Enable the GUI warning banner.

oval:org.secpod.oval:def:20347
The rsh service should be disabled if possible.

oval:org.secpod.oval:def:20223
Limit the ciphers to those which are FIPS-approved and only use ciphers in counter (CTR) mode.

oval:org.secpod.oval:def:20224
If user home directories will be stored locally, create a separate partition for /home. If /home will be mounted from another system such as an NFS server, then creating a separate partition is not necessary at this time, and the mountpoint can instead be configured later.

oval:org.secpod.oval:def:20345
This test makes sure that '/etc/shadow' file permission is setted as appropriate. If the target file or directory has an extended ACL then it will fail the mode check.

oval:org.secpod.oval:def:20232
The password difok should meet minimum requirements using pam_cracklib

oval:org.secpod.oval:def:20474
Record attempts to alter time through settimeofday.

oval:org.secpod.oval:def:20353
The RPM package xinetd should be removed.

oval:org.secpod.oval:def:20233
It can be dangerous to allow the execution of binaries from world-writable temporary storage directories such as /dev/shm. The noexec mount option prevents binaries from being executed out of /dev/shm.

oval:org.secpod.oval:def:20475
The rexec service should be disabled if possible.

oval:org.secpod.oval:def:20351
The password minimum length should be set appropriately.

oval:org.secpod.oval:def:20230
The audit rules should be configured to log information about kernel module loading and unloading.

oval:org.secpod.oval:def:20472
The nfs service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20352
The kernel runtime parameter "net.ipv4.conf.all.send_redirects" should be set to "0".

oval:org.secpod.oval:def:20231
Force a reboot to change audit rules is enabled

oval:org.secpod.oval:def:20473
PermitUserEnvironment should be disabled

oval:org.secpod.oval:def:20470
Test if HostLimit line in logwatch.conf is set appropriately. On a central logserver, you want Logwatch to summarize all syslog entries, including those which did not originate on the logserver itself. The HostLimit setting tells Logwatch to report on all hosts, not just the one on which it is runni ...

oval:org.secpod.oval:def:20350
The kernel runtime parameter "net.ipv4.conf.default.send_redirects" should be set to "0".

oval:org.secpod.oval:def:20471
The RPM package xorg-x11-server-common should be removed.

oval:org.secpod.oval:def:20218
All password hashes should be shadowed.

oval:org.secpod.oval:def:20339
The maximum password age policy should meet minimum requirements.

oval:org.secpod.oval:def:20219
The nosuid mount option should be set for temporary storage partitions such as /dev/shm. The suid/sgid permissions should not be required in these world-writable directories.

oval:org.secpod.oval:def:20337
The kernel runtime parameter "net.ipv4.conf.all.rp_filter" should be set to "1".

oval:org.secpod.oval:def:20216
The kernel module dccp should be disabled.

oval:org.secpod.oval:def:20458
The changing of file permissions and attributes should be audited.

oval:org.secpod.oval:def:20338
The Kernel Parameter for Accepting Source-Routed Packets By Default should be enabled or disabled as appropriate. The kernel runtime parameter "net.ipv4.conf.default.accept_source_route" should be set to "0".

oval:org.secpod.oval:def:20217
Audit rules about the Information on the Use of Privileged Commands are enabled

oval:org.secpod.oval:def:20459
The changing of file permissions and attributes should be audited.

oval:org.secpod.oval:def:20214
Audit logs are stored in the /var/log/audit directory. Ensure that it has its own partition or logical volume. Make absolutely certain that it is large enough to store all audit logs that will be created by the auditing daemon.

oval:org.secpod.oval:def:20335
The autofs service should be disabled if possible.

oval:org.secpod.oval:def:20456
The changing of file permissions and attributes should be audited.

oval:org.secpod.oval:def:20215
Change the default policy to DROP (from ACCEPT) for the INPUT built-in chain (/etc/sysconfig/iptables).

oval:org.secpod.oval:def:20457
The changing of file permissions and attributes should be audited.

oval:org.secpod.oval:def:20336
The RPM package squid should be removed.

oval:org.secpod.oval:def:20333
The system login banner text should be set correctly.

oval:org.secpod.oval:def:20212
The kernel module sctp should be disabled.

oval:org.secpod.oval:def:20454
The changing of file permissions and attributes should be audited.

oval:org.secpod.oval:def:20213
The /tmp directory is a world-writable directory used for temporary file storage. Verify that it has its own partition or logical volume.

oval:org.secpod.oval:def:20334
The /etc/gshadow file should be owned by the appropriate group.

oval:org.secpod.oval:def:20455
The changing of file permissions and attributes should be audited.

oval:org.secpod.oval:def:20221
The Red Hat release and auxiliary key packages are required to be installed.

oval:org.secpod.oval:def:20222
The kernel module freevxfs should be disabled.

oval:org.secpod.oval:def:20343
The restorecond service should be enabled if possible.

oval:org.secpod.oval:def:20464
Require the use of TLS for ldap clients.

oval:org.secpod.oval:def:20340
The password warning age should be set appropriately.

oval:org.secpod.oval:def:20461
The changing of file permissions and attributes should be audited.

oval:org.secpod.oval:def:20220
Legitimate character and block devices should not exist within temporary directories like /tmp. The nodev mount option should be specified for /tmp.

oval:org.secpod.oval:def:20462
IP forwarding should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20341
The irqbalance service should be enabled if possible.

oval:org.secpod.oval:def:20460
The changing of file permissions and attributes should be audited.

oval:org.secpod.oval:def:20207
The kernel module hfsplus should be disabled.

oval:org.secpod.oval:def:20328
The SELinux state should be enforcing the local policy.

oval:org.secpod.oval:def:20449
Record attempts to alter time through /etc/localtime

oval:org.secpod.oval:def:20329
Only the root account should be assigned a user id of 0.

oval:org.secpod.oval:def:20208
The default umask for all users specified in /etc/login.defs

oval:org.secpod.oval:def:20326
The root account is the only system account that should have a login shell.

oval:org.secpod.oval:def:20447
Record attempts to alter time through stime, note that this is only relevant on 32bit architecture.

oval:org.secpod.oval:def:20205
The RPM package net-snmp should be removed.

oval:org.secpod.oval:def:20206
The kernel module cramfs should be disabled.

oval:org.secpod.oval:def:20327
The '/etc/shadow' file should be owned by the appropriate group.

oval:org.secpod.oval:def:20448
Record attempts to alter time through clock_settime.

oval:org.secpod.oval:def:20324
File permissions for '/etc/group' should be set correctly.

oval:org.secpod.oval:def:20445
The kernel runtime parameter "net.ipv6.conf.default.accept_ra" should be set to "0".

oval:org.secpod.oval:def:20203
Require samba clients which use smb.conf, such as smbclient, to use packet signing. A Samba client should only communicate with servers who can support SMB packet signing.

oval:org.secpod.oval:def:20325
The SELinux in /etc/grub.conf should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20446
The kernel runtime parameter "net.ipv6.conf.default.accept_redirects" should be set to "0".

oval:org.secpod.oval:def:20322
This test makes sure that '/etc/gshadow' is setted appropriate permission. If the target file or directory has an extended ACL then it will fail the mode check.

oval:org.secpod.oval:def:20443
Global IPv6 initialization should be disabled.

oval:org.secpod.oval:def:20323
The /etc/passwd file should be owned by the appropriate user.

oval:org.secpod.oval:def:20444
Systems that are using the 64-bit x86 kernel package do not need to install the kernel-PAE package because the 64-bit x86 kernel already includes this support. However, if the system is 32-bit and also supports the PAE and NX features as determined in the previous section, the kernel-PAE package sho ...

oval:org.secpod.oval:def:20202
The postfix service should be enabled if possible.

oval:org.secpod.oval:def:20209
The password dcredit should meet minimum requirements using pam_cracklib

oval:org.secpod.oval:def:20210
The squashfs Kernel Module should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20452
The changing of file permissions and attributes should be audited.

oval:org.secpod.oval:def:20211
The password ocredit should meet minimum requirements using pam_cracklib

oval:org.secpod.oval:def:20453
The changing of file permissions and attributes should be audited.

oval:org.secpod.oval:def:20332
The cpuspeed service should be disabled if possible.

oval:org.secpod.oval:def:20450
The changing of file permissions and attributes should be audited.

oval:org.secpod.oval:def:20451
The changing of file permissions and attributes should be audited.

oval:org.secpod.oval:def:20330
The nosuid option should be enabled for all NFS mounts in /etc/fstab.

oval:org.secpod.oval:def:20399
The RPM package httpd should be removed.

oval:org.secpod.oval:def:20280
The smartd service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20287
The rpcgssd service should be disabled if possible.

oval:org.secpod.oval:def:20288
The RPM package rsh-server should be removed.

oval:org.secpod.oval:def:20285
The nodev mount option prevents files from being interpreted as character or block devices. Legitimate character and block devices should exist in the /dev directory on the root partition or within chroot jails built for system services. All other locations should not allow character and block devic ...

oval:org.secpod.oval:def:20283
The /etc/passwd file should be owned by the appropriate group.

oval:org.secpod.oval:def:20284
The RPM package openldap-servers should be removed.

oval:org.secpod.oval:def:20281
The kernel runtime parameter "net.ipv4.conf.all.secure_redirects" should be set to "0".

oval:org.secpod.oval:def:20282
Preventing direct root login to virtual console devices helps ensure accountability for actions taken on the system using the root account.

oval:org.secpod.oval:def:20269
The environment variable PATH should be set correctly for the root user.

oval:org.secpod.oval:def:20268
The /etc/group file should be owned by the appropriate user.

oval:org.secpod.oval:def:20389
If inbound SSH access is not needed, the firewall should disallow or reject access to the SSH port (22).

oval:org.secpod.oval:def:20390
The acpid service should be disabled if possible.

oval:org.secpod.oval:def:20397
The dhcpd service should be disabled if possible.

oval:org.secpod.oval:def:20277
The kdump service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20274
The number of allowed failed logins should be set correctly.

oval:org.secpod.oval:def:20395
The crond service should be enabled if possible.

oval:org.secpod.oval:def:20275
The rhnsd service should be disabled if possible.

oval:org.secpod.oval:def:20396
Only SSH protocol version 2 connections should be permitted.

oval:org.secpod.oval:def:20393
Check if SplitHosts line in logwatch.conf is set appropriately.

oval:org.secpod.oval:def:20272
The RPM package telnet-server should be removed.

oval:org.secpod.oval:def:20273
The telnet service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20270
The allowed period of inactivity before the screensaver is activated.

oval:org.secpod.oval:def:20391
The lockd service should be configured to use a static port or a dynamic portmapper port for UDP as appropriate.

oval:org.secpod.oval:def:20392
The kernel runtime parameter "net.ipv4.conf.all.log_martians" should be set to "1".

oval:org.secpod.oval:def:20271
The kernel runtime parameter "net.ipv4.conf.default.secure_redirects" should be set to "0".

oval:org.secpod.oval:def:20258
Legitimate character and block devices should not exist within temporary directories like /dev/shm. The nodev mount option should be specified for /dev/shm.

oval:org.secpod.oval:def:20379
The kernel runtime parameter "fs.suid_dumpable" should be set to "0".

oval:org.secpod.oval:def:20259
Postfix network listening should be disabled

oval:org.secpod.oval:def:20256
The nosuid mount option should be set for temporary storage partitions such as /tmp. The suid/sgid permissions should not be required in these world-writable directories.

oval:org.secpod.oval:def:20377
The requirement for a password to boot into single-user mode should be configured correctly.

oval:org.secpod.oval:def:20498
The ntpdate service should be disabled if possible.

oval:org.secpod.oval:def:20378
The ability for users to perform interactive startups should be disabled.

oval:org.secpod.oval:def:20257
The kernel module bluetooth should be disabled.

oval:org.secpod.oval:def:20386
All wireless interfaces should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20265
The RPM package rsyslog should be installed.

oval:org.secpod.oval:def:20266
The rsyslog service should be enabled if possible.

oval:org.secpod.oval:def:20387
The auditd service should be enabled if possible.

oval:org.secpod.oval:def:20263
Syslog logs should be sent to a remote loghost

oval:org.secpod.oval:def:20384
The tftp service should be disabled if possible.

oval:org.secpod.oval:def:20385
The nosuid mount option prevents set-user-identifier (suid) and set-group-identifier (sgid) permissions from taking effect. These permissions allow users to execute binaries with the same permissions as the owner and group of the file respectively. Users should not be allowed to introduce suid and g ...

oval:org.secpod.oval:def:20264
rsyslogd should reject remote messages

oval:org.secpod.oval:def:20382
The dynamic DNS feature of the DHCP server should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20261
Require packet signing of clients who mount Samba shares using the mount.cifs program (e.g., those who specify shares in /etc/fstab). To do so, ensure that signing options (either sec=krb5i or sec=ntlmv2i) are used.

oval:org.secpod.oval:def:20262
The kernel module hfs should be disabled.

oval:org.secpod.oval:def:20383
The kernel runtime parameter "net.ipv4.tcp_syncookies" should be set to "1".

oval:org.secpod.oval:def:20380
The xinetd service should be disabled if possible.

oval:org.secpod.oval:def:20381
Preventing direct root login to serial port interfaces helps ensure accountability for actions taken on the system using the root account.

oval:org.secpod.oval:def:20260
Look for argument audit=1 in the kernel line in /etc/grub.conf.

oval:org.secpod.oval:def:20368
The /etc/gshadow file should be owned by the appropriate user.

oval:org.secpod.oval:def:20489
action_mail_acct setting in /etc/audit/auditd.conf is set to a certain account

oval:org.secpod.oval:def:20247
Require the use of TLS for ldap clients.

oval:org.secpod.oval:def:20369
The kernel runtime parameter "net.ipv4.conf.all.accept_redirects" should be set to "0".

oval:org.secpod.oval:def:20245
The kernel module udf should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20366
Verify which group owns the grub.conf file.

oval:org.secpod.oval:def:20487
space_left_action setting in /etc/audit/auditd.conf is set to a certain action

oval:org.secpod.oval:def:20367
The RPM package aide should be installed.

oval:org.secpod.oval:def:20488
admin_space_left_action setting in /etc/audit/auditd.conf is set to a certain action

oval:org.secpod.oval:def:20246
The RPM package vsftpd should be removed.

oval:org.secpod.oval:def:20254
It can be dangerous to allow the execution of binaries from world-writable temporary storage directories such as /tmp. The noexec mount option prevents binaries from being executed out of /tmp.

oval:org.secpod.oval:def:20375
The kernel runtime parameter "net.ipv4.conf.all.accept_source_route" should be set to "0".

oval:org.secpod.oval:def:20496
The cgred service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20376
The file /etc/pam.d/system-auth should not contain the nullok option

oval:org.secpod.oval:def:20255
The passwords to remember should be set correctly.

oval:org.secpod.oval:def:20497
The netconsole service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:20252
The gpgcheck option should be used to ensure that checking of an RPM package's signature always occurs prior to its installation.

oval:org.secpod.oval:def:20373
The default umask for users of the csh shell

oval:org.secpod.oval:def:20494
The cgconfig service should be disabled if possible.

oval:org.secpod.oval:def:20374
The system's default desktop environment, GNOME, will mount devices and removable media (such as DVDs, CDs and USB flash drives) whenever they are inserted into the system. Disable automount and autorun within GNOME.

oval:org.secpod.oval:def:20253
Audit rules about the Unauthorized Access Attempts to Files (unsuccessful) are enabled

oval:org.secpod.oval:def:20371
All files should be owned by a user

oval:org.secpod.oval:def:20250
Audit rules should be configured to log successful and unsuccessful logon and logout events.

oval:org.secpod.oval:def:20372
Core dumps for all users should be disabled

oval:org.secpod.oval:def:20251
The kernel module tipc should be disabled.

oval:org.secpod.oval:def:20493
The atd service should be disabled if possible.

oval:org.secpod.oval:def:20490
The abrtd service should be disabled if possible.

oval:org.secpod.oval:def:20370
The daemon umask should be set as appropriate

oval:org.secpod.oval:def:25570
The host is installed with Google Chrome before 44.0.2403.89 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted PDF document that triggers a large memory allocation. Successful exploitation could allow remote att ...

oval:org.secpod.oval:def:25571
The host is installed with Google Chrome before 44.0.2403.89 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted PDF document that triggers a large memory allocation. Successful exploitation could allow remote att ...

oval:org.secpod.oval:def:25837
The host is installed with Microsoft Edge on Microsoft Windows 10 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a specially crafted webpage. Successful exploitation could allow attackers to gain the same user rights as the current user ...

CPE    1
cpe:/o:redhat:enterprise_linux:6
CCE    378
CCE-27137-9
CCE-26239-4
CCE-27114-8
CCE-26544-7
...
*XCCDF
xccdf_org.secpod_benchmark_general_RHEL_6

© 2013 SecPod Technologies