[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 30475 Download | Alert*

Auditing of 'Policy Change: Audit Policy Change' events on failure should be enabled or disabled as appropriate.

Disable telnet Service The 'telnet' service configuration file '/etc/xinetd.d/telnet' is not created automatically. If it was created manually, check the '/etc/xinetd.d/telnet' file and ensure that 'disable = no' is changed to read 'disable = yes' as follows below: # description: The telnet server serves telnet sessions; it uses \\ # unencrypted username/password pairs for authentication. ...

Require Authentication for Single User Mode Single-user mode is intended as a system recovery method, providing a single user root access to the system by providing a boot option at startup. By default, no authentication is performed if single-user mode is selected. By default, single-user mode is protected by requiring a password and is set in '/usr/lib/systemd/system/rescue.service'.

Record Events that Modify User/Group Information If the 'auditd' daemon is configured to use the 'augenrules' program to read audit rules during daemon startup (the default), add the following lines to a file with suffix '.rules' in the directory '/etc/audit/rules.d', in order to capture events that modify account changes: -w /etc/group -p wa -k audit_rules_usergroup_modification -w /etc/passwd - ...

Verify /boot/grub2/grub.cfg User Ownership The file '/boot/grub2/grub.cfg' should be owned by the 'root' user to prevent destruction or modification of the file. To properly set the owner of '/boot/grub2/grub.cfg', run the command:

Set Last Logon/Access Notification To configure the system to notify users of last logon/access using 'pam_lastlog', add the following line immediately after 'session required pam_limits.so': 'session required pam_lastlog.so showfailed'

Check Avahi Responses' TTL Field To make Avahi ignore packets unless the TTL field is 255, edit '/etc/avahi/avahi-daemon.conf' and ensure the following line appears in the '[server]' section: 'check-response-ttl=yes'

The "Prevent Deleting Cookies" machine setting should be configured correctly.

Configure auditd to use audispd plugin To configure the 'auditd' service to use the 'audispd' plugin, set the 'active' line in '/etc/audisp/plugins.d/syslog.conf' to 'yes'. Restart the 'auditd'service: '$ sudo service auditd restart'

Set Permissions on the /var/log/httpd/ Directory Ensure that the permissions on the web server log directory is set to 700: '$ sudo chmod 700 /var/log/httpd/' This is its default setting.


Pages:      Start    3019    3020    3021    3022    3023    3024    3025    3026    3027    3028    3029    3030    3031    3032    ..   3047

© SecPod Technologies