[Forgot Password]
Login  Register Subscribe

24436

 
 

131815

 
 

116471

 
 

909

 
 

91176

 
 

140

 
 
Paid content will be excluded from the download.

Filter
Matches : 24436 Download | Alert*

Set SSH Client Alive Count To ensure the SSH idle timeout occurs precisely when the 'ClientAliveCountMax' is set, edit '/etc/ssh/sshd_config' as follows: 'ClientAliveCountMax 0'

Verify Group Who Owns gshadow File To properly set the group owner of '/etc/gshadow', run the command:

Set SSH Idle Timeout Interval SSH allows administrators to set an idle timeout interval. After this interval has passed, the idle user will be automatically logged out. To set an idle timeout interval, edit the following line in '/etc/ssh/sshd_config' as follows: 'ClientAliveInterval

Record Events that Modify the System's Discretionary Access Controls - fchownat At a minimum the audit system should collect file permission changes for all users and root. If the 'auditd' daemon is configured to use the 'augenrules' program to read audit rules during daemon startup (the default), add the following line to a file with suffix '.rules' in the directory '/etc/audit/rules.d': '-a alw ...

Record Attempts to Alter Time Through stime If the 'auditd' daemon is configured to use the 'augenrules' program to read audit rules during daemon startup (the default), add the following line to a file with suffix '.rules' in the directory '/etc/audit/rules.d' for both 32 bit and 64 bit systems: '-a always,exit -F arch=b32 -S stime -k audit_time_rules' Since the 64 bit version of the "stime" sys ...

Restrict Serial Port Root Logins To restrict root logins on serial ports, ensure lines of this form do not appear in '/etc/securetty': ttyS0 ttyS1

Record Events that Modify the System's Discretionary Access Controls - fchown At a minimum the audit system should collect file permission changes for all users and root. If the 'auditd' daemon is configured to use the 'augenrules' program to read audit rules during daemon startup (the default), add the following line to a file with suffix '.rules' in the directory '/etc/audit/rules.d': '-a alway ...

Set Password Strength Minimum Special Characters The pam_pwquality module's 'ocredit=' parameter controls requirements for usage of special (or "other") characters in a password. When set to a negative number, any password will be required to contain that many special characters. When set to a positive number, pam_pwquality will grant +1 additional length credit for each special character. Modif ...

Disable Print Server Capabilities To prevent remote users from potentially connecting to and using locally configured printers, disable the CUPS print server sharing capabilities. To do so, limit how the server will listen for print jobs by removing the more generic port directive from /etc/cups/cupsd.conf: 'Port 631' and replacing it with the 'Listen' directive: 'Listen localhost:631' This will ...

Ensure auditd Collects Unauthorized Access Attempts to Files (unsuccessful) At a minimum the audit system should collect unauthorized file accesses for all users and root. If the 'auditd' daemon is configured to use the 'augenrules' program to read audit rules during daemon startup (the default), add the following lines to a file with suffix '.rules' in the directory '/etc/audit/rules.d': -a alwa ...


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   2443

© SecPod Technologies