Download
| Alert*
oval:org.secpod.oval:def:87299
File permissions for '/etc/group' should be set correctly. oval:org.secpod.oval:def:87310 File permission for '/etc/ssh/sshd_config' is set to appropriate values. oval:org.secpod.oval:def:87298 This test makes sure that '/etc/passwd' has proper permission. If the target file or directory has an extended ACL then it will fail the mode check. oval:org.secpod.oval:def:87309 This test makes sure that '/etc/shadow' file permission is set as appropriate. If the target file or directory has an extended ACL then it will fail the mode check. oval:org.secpod.oval:def:87307 Only SSH protocol version 2 connections should be permitted. oval:org.secpod.oval:def:87308 Root login via SSH should be disabled (and dependencies are met) oval:org.secpod.oval:def:87305 The pam_cracklib module checks the strength of passwords. It performs checks such as making sure a password is not a dictionary word, it is a certain length, contains a mix of characters (e.g. alphabet, numeric, other) and more. The following are definitions of the pam_cracklib.so options. * retr ... oval:org.secpod.oval:def:87338 sudo allows a permitted user to execute a command as the superuser or another user, as specified by the security policy. The invoking user's real (not effective) user ID is used to determine the user name with which to query the security policy. Rationale: sudo supports a plugin arch ... oval:org.secpod.oval:def:87306 The maximum password age policy should meet minimum requirements. oval:org.secpod.oval:def:87303 The minimum password age policy should be set appropriately. oval:org.secpod.oval:def:87304 The kernel runtime parameter "net.ipv6.conf.default.accept_ra" should be set to "0". |