[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247974

 
 

909

 
 

194654

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 30426 Download | Alert*

The pwquality maxrepeat option sets the maximum number of allowed same consecutive characters in a new password. Rationale: Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password complexity is one fact ...

Description:Ensure that the systemd-journald service is enabled to allow capturing of logging events. Rationale: If the systemd-journald service is not enabled to start on boot, the system will not capture logging events. Audit: Run the following command to verify systemd-journald is enabled: # systemctl is-enabled systemd-journald.service Verify the output matches: static Note: If it is not stati ...

The noexec mount option specifies that the filesystem cannot contain executable binaries. Rationale: Since the /var/log/audit filesystem is only intended for audit logs, set this option to ensure that users cannot run executable binaries from /var/log/audit. Fix: Run the following command to remount /var/log/audit: # mount -o remount,noexec /var/log/audit Also add or edit entr ...

Description: The `nodev` mount option specifies that the filesystem cannot contain special devices. Rationale: Since the /var/log filesystem is not intended to support devices, set this option to ensure that users cannot create a block or character special devices in /var/log . The nodev mount option specifies that the filesystem cannot contain special devices. Rationale: Since the /var/log/audi ...

Description: The nosuid mount option specifies that the filesystem cannot contain setuid files. Rationale: Since the /var/log/audit filesystem is only intended for variable files such as logs, set this option to ensure that users cannot create setuid files in /var/log/audit. Remediation: Edit the `/etc/fstab` file and add `nosuid` to the fourth field (mounting options) for the `/var/log/audit` p ...

sudo provides users with temporary elevated privileges to perform operations, either as the superuser or another user. Rationale: Creating an audit log of users with temporary elevated privileges and the operation(s) they performed is essential to reporting. Administrators will want to correlate the events written to the audit trail with the records written to sudo logfile to verify if unauthori ...

Monitor the sudo log file. If the system has been properly configured to disable the use of the su command and force all administrators to have to log in first and then use sudo to execute privileged commands, then all administrator commands will be logged to /var/log/sudo.log . Any time a command is executed, an audit event will be triggered as the /var/log/sudo.log file will be opened for write ...

A core dump is the memory of an executable program. It is generally used to determine why a program aborted. It can also be used to glean confidential information from a core file. The system provides the ability to set a soft limit for core dumps, but this can be overridden by the user. Rationale: Setting a hard limit on core dumps prevents users from overriding the soft variable. If core dumps ...

Configure AppArmor to be enabled at boot time and verify that it has not been overwritten by the bootloader boot parameters. Rationale: AppArmor must be enabled at boot time in your bootloader configuration to ensure that the controls it provides are not overridden. Note: This recommendation is designed around the grub bootloader, if LILO or another bootloader is in use in ...

Description: By default GNOME automatically mounts removable media when inserted as a convenience to the user. Rationale: With automounting enabled anyone with physical access could attach a USB drive or disc and have its contents available in system even if they lacked permissions to mount it themselves. Fix: Edit or create the file /etc/dconf/db/loca ...


Pages:      Start    12    13    14    15    16    17    18    19    20    21    22    23    24    25    ..   3042

© SecPod Technologies