[Forgot Password]
Login  Register Subscribe

24436

 
 

131815

 
 

116471

 
 

909

 
 

91176

 
 

140

 
 
Paid content will be excluded from the download.

Filter
Matches : 24436 Download | Alert*

Disable Modprobe Loading of USB Storage Driver To prevent USB storage devices from being used, configure the kernel module loading system to prevent automatic loading of the USB storage driver. To configure the system to prevent the 'usb-storage' kernel module from being loaded, add the following line to a file in the directory '/etc/modprobe.d':

Verify Permissions on shadow File To properly set the permissions of '/etc/shadow', run the command:

Record Events that Modify the System's Discretionary Access Controls - setxattr At a minimum the audit system should collect file permission changes for all users and root. If the 'auditd' daemon is configured to use the 'augenrules' program to read audit rules during daemon startup (the default), add the following line to a file with suffix '.rules' in the directory '/etc/audit/rules.d': '-a alw ...

Verify Permissions on gshadow File To properly set the permissions of '/etc/gshadow', run the command:

Modify the System Login Banner To configure the system login banner: Edit '/etc/issue'. Replace the default text with a message compliant with the local site policy or a legal disclaimer. The DoD required text is either: 'You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this I ...

Set Password Warning Age To specify how many days prior to password expiration that a warning will be issued to users, edit the file '/etc/login.defs' and add or correct the following line, replacing

Specify a Remote NTP Server To specify a remote NTP server for time synchronization, edit the file '/etc/ntp.conf'. Add or correct the following lines, substituting the IP or hostname of a remote NTP server for

Restrict Access to Kernel Message Buffer To set the runtime status of the 'kernel.dmesg_restrict' kernel parameter, run the following command:

Disable Kernel Parameter for Sending ICMP Redirects for All Interfaces To set the runtime status of the 'net.ipv4.conf.all.send_redirects' kernel parameter, run the following command:

Disable WebDAV (Distributed Authoring and Versioning) WebDAV is an extension of the HTTP protocol that provides distributed and collaborative access to web content. If its functionality is unnecessary, comment out the related modules: #LoadModule dav_module modules/mod_dav.so #LoadModule dav_fs_module modules/mod_dav_fs.so If there is a critical need for WebDAV, extra care should be taken in its ...


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   2443

© SecPod Technologies