[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 30426 Download | Alert*

It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vector. The rsh service has known security vulnerabilities, and its use can expose the system t ...

Without configuring a local cache of revocation data, there is the potential to allow access to users who are no longer authorized (users with revoked certificates). Configure the Ubuntu operating system, for PKI-based authentication, to use local revocation data when unable to access the network to obtain it remotely. Fixtext: Add or update the "cert_policy" option in "/etc/p ...

Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. The chfn command allows you to change a user’s name and other details. Fixtext: Add or update the following rules in the "/etc/audit/audit.rules& ...

When X11 forwarding is enabled, there may be additional exposure to the server and client displays if the sshd proxy display is configured to listen on the wildcard address. By default, sshd binds the forwarding server to the loopback address and sets the hostname part of the DISPLAY environment variable to localhost. This prevents remote hosts from connecting to the proxy display. Fixtext: Edit ...

Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. The fdisk command is an interactive tool that is used to create partitions on a block device. Fixtext: Add or update the following rule in the "/etc/au ...

Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events.The Ubuntu operating system must synchronize internal information system clocks to the authoritative time source when the time difference is greate ...

Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. The chsh command allows you to change the login shell of username Fixtext: Add or update the following rules in the "/etc/audit/audit.rules" file: ...

Linux has a special directory for storing logs called /var/log. This directory contains logs from the OS itself, services, and various applications running on the system. Only authorized personnel should be aware of logs and the details of the logs. It is critical to ensure that the /var/log directory is protected from unauthorized access. Although it is protected by default, the file permissions ...

Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. The sudoedit command is used to edit files with elevated privileges using sudo. Fixtext: Add or update the following rules in the "/etc/audit/rules.d/st ...

The use of PIV credentials facilitates standardization and reduces the risk of unauthorized access. Fixtext: Configure the Ubuntu operating system to do certificate status checking for multifactor authentication. Modify all of the "cert_policy" lines in "/etc/pam_pkcs11/pam_pkcs11.conf" to include "ocsp_on".


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   3042

© SecPod Technologies