[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 30475 Download | Alert*

Sudo caches used credentials for a default of 15 minutes. This is for ease of use when there are multiple administrative tasks to perform. The timeout can be modified to suit local security policies. If the value is set to an integer less than 0, the user's time stamp will not expire and the user will not have to re-authenticate for privileged actions until the user's session is terminated.

Description: Audit tools include, but are not limited to, vendor-provided and open source audit tools needed to successfully view and manipulate audit information system activity and records. Audit tools include custom queries and report generators. Rationale: Protecting audit information includes identifying and protecting the tools used to view and manipulate log data. Protecting audit tools i ...

Description: dnsmasq is a lightweight tool that provides DNS caching, DNS forwarding and DHCP (Dynamic Host Configuration Protocol) services.Rationale: Unless a system is specifically designated to act as a DNS caching, DNS forwarding and/or DHCP server, it is recommended that the package be removed to reduce the potential attack surface. Audit: Run the following commands to verify dnsmasq is not ...

Description: systemd-timesyncd is a daemon that has been added for synchronizing the system clock across the network NTP A space-separated list of NTP server host names or IP addresses. During runtime this list is combined with any per-interface NTP servers acquired from systemd-networkd.service(8). systemd-timesyncd will contact all configured system or per-interface servers in turn, until one ...

Description: Audit log files contain information about the system and system activity. Rationale: Access to audit records can reveal system and configuration data to attackers, potentially compromising its confidentiality.Remediation: Run the following command to configure the audit log files to be owned by the root user: chown root [audit log file name] Note: audit log file name is a paramet ...

Description: Audit tools include, but are not limited to, vendor-provided and open source audit tools needed to successfully view and manipulate audit information system activity and records. Audit tools include custom queries and report generators. Rationale: Protecting audit information includes identifying and protecting the tools used to view and manipulate log data. Protecting audit tools i ...

Bluetooth is a short-range wireless technology standard that is used for exchanging data between devices over short distances. It employs UHF radio waves in the ISM bands, from 2.402 GHz to 2.48 GHz. It is mainly used as an alternative to wire connections. Rationale: An attacker may be able to find a way to access or corrupt your data. One example of this type of activity is bluesnarfing, which ...

Description: The autorun-never setting allows the GNOME Desktop Display Manager to disable autorun through GDM. Rationale: Malware on removable media may taking advantage of Autorun features when the media is inserted into a system and execute. Fix: Edit or create the file /etc/dconf/db/local.d/00-media-autorun and edit or add the following: [org/gnome/desktop/media-handling]autorun-never=true An ...

Description: systemd-timesyncd is a daemon that has been added for synchronizing the system clock across the network Rationale:systemd-timesyncd needs to be enabled and running in order to synchronize the system to a timeserver. Time synchronization is important to support time sensitive security mechanisms and to ensure log files have consistent time records across the enterprise to aid in forens ...

Description:Journald (via systemd-journal-remote) supports the ability to send log events it gathers to a remote log host or to receive messages from remote hosts, thus enabling centralized log management. Rationale:Storing log data on a remote host protects log integrity from local attacks. If an attacker gains root access on the local system, they could tamper with or remove log data that is sto ...


Pages:      Start    19    20    21    22    23    24    25    26    27    28    29    30    31    32    ..   3047

© SecPod Technologies