Download
| Alert*
oval:org.secpod.oval:def:33926
The Set Lockout Time For Failed Password Attempts should be set correctly. oval:org.secpod.oval:def:33935 Root login via SSH should be disabled (and dependencies are met) oval:org.secpod.oval:def:33957 The /etc/group file contains a list of all the valid groups defined in the system. The command below allows read/write access for root and read access for everyone else. oval:org.secpod.oval:def:33925 The pam_cracklib module checks the strength of passwords. It performs checks such as making sure a password is not a dictionary word, it is a certain length, contains a mix of characters (e.g. alphabet, numeric, other) and more. The following are definitions of the pam_cracklib.so options. * retr ... oval:org.secpod.oval:def:33955 The /etc/passwd file contains a list of all the valid userIDs defined in the system, but not the passwords. The command below sets the owner and group of the file to root. oval:org.secpod.oval:def:33928 Only SSH protocol version 2 connections should be permitted. oval:org.secpod.oval:def:33895 The kernel runtime parameter "net.ipv6.conf.default.accept_ra" should be set to "0". oval:org.secpod.oval:def:33953 This test makes sure that '/etc/shadow' file permission is setted as appropriate. If the target file or directory has an extended ACL then it will fail the mode check. oval:org.secpod.oval:def:33930 File permission for '/etc/ssh/sshd_config' is set to appropriate values. oval:org.secpod.oval:def:33956 The /etc/shadow file contains the one-way cipher text passwords for each user defined in the /etc/passwd file. The command below sets the user and group ownership of the file to root. oval:org.secpod.oval:def:33945 The minimum password age policy should be set appropriately. oval:org.secpod.oval:def:33944 The maximum password age policy should meet minimum requirements. |