Description: The `nodev` mount option specifies that the filesystem cannot contain special devices. Rationale: Since the /var/log filesystem is not intended to support devices, set this option to ensure that users cannot create block or character special devices in /var/log. Audit: Verify that the `nodev` option is set if a `/var` partition exists. Run the following command and verify that nothi ...

Description: The `nosuid` mount option specifies that the filesystem cannot contain `setuid` files. Rationale: Setting this option on a file system prevents users from introducing privileged programs onto the system and allowing non-root users to execute them. Audit: Verify that the `nosuid` option is set if a `/home` partition exists. Run the following command and verify that nothing is returned: # ...

Title: Ensure noexec option set on /var/log/audit partition Description: The noexec mount option specifies that the filesystem cannot contain executable binaries. Rationale: Since the /var/log/audit filesystem is only intended for audit logs, set this option to ensure that users cannot run executable binaries from /var/log/audit. Audit: Verify that the noexec option is set for ...

Title: Ensure journald service is enabled Description: Ensure that the systemd-journald service is enabled to allow capturing of logging events. Rationale: If the systemd-journald service is not enabled to start on boot, the system will not capture logging events. Audit: Run the following command to verify systemd-journald is enabled: # systemctl is-enabled systemd-journald.s ...

Title: Ensure GNOME Display Manager is removed Description: The GNOME Display Manager (GDM) is a program that manages graphical display servers and handles graphical user logins. Rationale: If a Graphical User Interface (GUI) is not required, it should be removed to reduce the attack surface of the system. Impact: Removing the GNOME Display Manager will remove the GUI from the syst ...

Title: Ensure events that modify the sudo log file are collected Description: Monitor the sudo log file. If the system has been properly configured to disable the use of the su command and force all administrators to log in first and then use sudo to execute privileged commands, then all administrator commands will be logged to /var/log/sudo.log. Any time a command is executed, ...

Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. Audit records can be generated from various components within the information system (e.g., module or policy filter). Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-0000 ...

The contents of the /etc/issue file are displayed to users prior to login for local terminals. Rationale: If the /etc/issue file does not have the correct ownership and permissions, it could be modified by unauthorized users with incorrect or misleading information. Fix: Run the following commands to set permissions on /etc/issue: # chown root:root /etc/is ...


© SecPod Technologies