oval:org.secpod.oval:def:53892 IP forwarding should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53893 The system's default desktop environment, GNOME, will mount devices and removable media (such as DVDs, CDs and USB flash drives) whenever they are inserted into the system. Disable automount and autorun within GNOME.
oval:org.secpod.oval:def:53787 Audit rules about the Information on the Use of Privileged Commands are enabled
oval:org.secpod.oval:def:53729 The direct gnome login warning banner should be set correctly.
oval:org.secpod.oval:def:53860 Idle activation of the screen lock should be enabled.
oval:org.secpod.oval:def:53852 Enable the GUI warning banner.
oval:org.secpod.oval:def:53730 The restorecond service should be enabled if possible.
oval:org.secpod.oval:def:53739 The haldaemon service should be disabled if possible.
oval:org.secpod.oval:def:53927 Enable warning banner for GUI login
oval:org.secpod.oval:def:53804 Change the default policy to DROP (from ACCEPT) for the INPUT built-in chain (/etc/sysconfig/ip6tables).
oval:org.secpod.oval:def:53930 Checks /etc/inittab to ensure that default runlevel is set to 3.
oval:org.secpod.oval:def:53933 The nfslock service should be disabled if possible.
oval:org.secpod.oval:def:53932 The allowed period of inactivity before the screensaver is activated.
oval:org.secpod.oval:def:53825 Change the default policy to DROP (from ACCEPT) for the INPUT built-in chain (/etc/sysconfig/iptables).
oval:org.secpod.oval:def:53734 The RPM package dhcpd should be removed.
oval:org.secpod.oval:def:53754 Specify Additional Remote NTP Servers (/etc/ntp.conf) should be configured appropriately.
oval:org.secpod.oval:def:53918 The RPM package rsh-server should be removed.
oval:org.secpod.oval:def:53904 The default umask for all users should be set correctly
oval:org.secpod.oval:def:53851 The audit rules should be configured to log information about kernel module loading and unloading.
oval:org.secpod.oval:def:53726 Avahi publishing of IP addresses should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53802 Audit actions taken by system administrators on the system.
oval:org.secpod.oval:def:53934 The RPC IPv6 Support should be configured appropriately based on RPC services.
oval:org.secpod.oval:def:53806 Disable CGI Support (/etc/httpd/conf/httpd.conf) should be configured appropriately.
oval:org.secpod.oval:def:53864 The changing of file permissions and attributes should be audited.
oval:org.secpod.oval:def:53761 The passwords to remember should be set correctly.
oval:org.secpod.oval:def:53789 The telnet service should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53763 The sshd service should be disabled if possible.
oval:org.secpod.oval:def:53832 The named service should be disabled if possible.
oval:org.secpod.oval:def:53845 Syslog logs should be sent to a remote loghost
oval:org.secpod.oval:def:53921 The changing of file permissions and attributes should be audited.
oval:org.secpod.oval:def:53844 The kernel runtime parameter "net.ipv4.icmp_ignore_bogus_error_responses" should be set to "1".
oval:org.secpod.oval:def:53812 The rexec service should be disabled if possible.
oval:org.secpod.oval:def:53835 admin_space_left_action setting in /etc/audit/auditd.conf is set to a certain action
oval:org.secpod.oval:def:53738 action_mail_acct setting in /etc/audit/auditd.conf is set to a certain account
oval:org.secpod.oval:def:53884 Enable privacy extensions for IPv6
oval:org.secpod.oval:def:53885 Audit rules should capture information about session initiation.
oval:org.secpod.oval:def:53896 The xinetd service should be disabled if possible.
oval:org.secpod.oval:def:53788 SSL capabilities should be enabled for the mail server.
oval:org.secpod.oval:def:53837 Only SSH protocol version 2 connections should be permitted.
oval:org.secpod.oval:def:53872 The changing of file permissions and attributes should be audited.
oval:org.secpod.oval:def:53847 The RPM package squid should be removed.
oval:org.secpod.oval:def:53890 Preventing direct root login to serial port interfaces helps ensure accountability for actions taken on the system using the root account.
oval:org.secpod.oval:def:53770 mod_ssl package installation should be configured appropriately.
oval:org.secpod.oval:def:53935 Disable MIME Magic (/etc/httpd/conf/httpd.conf) should be configured appropriately.
oval:org.secpod.oval:def:53833 The SSH ClientAliveCountMax should be set to an appropriate value (and dependencies are met)
oval:org.secpod.oval:def:53708 The RPM package xinetd should be removed.
oval:org.secpod.oval:def:53868 The snmpd service should be disabled if possible.
oval:org.secpod.oval:def:53839 The kernel runtime parameter "net.ipv6.conf.default.accept_redirects" should be set to "0".
oval:org.secpod.oval:def:53718 The password hashing algorithm should be set correctly in /etc/login.defs.
oval:org.secpod.oval:def:53746 Test if HostLimit line in logwatch.conf is set appropriately. On a central logserver, you want Logwatch to summarize all syslog entries, including those which did not originate on the logserver itself. The HostLimit setting tells Logwatch to report on all hosts, not just the one on which it is runni ...
oval:org.secpod.oval:def:53829 The password minimum length should be set appropriately.
oval:org.secpod.oval:def:53792 File permissions for '/etc/group' should be set correctly.
oval:org.secpod.oval:def:53945 The ypbind service should be disabled if possible.
oval:org.secpod.oval:def:53849 The irqbalance service should be enabled if possible.
oval:org.secpod.oval:def:53772 rsyslogd should reject remote messages
oval:org.secpod.oval:def:53821 The kdump service should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53803 The system login banner text should be set correctly.
oval:org.secpod.oval:def:53750 The rpcidmapd service should be disabled if possible.
oval:org.secpod.oval:def:53915 The saslauthd service should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53819 The /etc/gshadow file should be owned by the appropriate group.
oval:org.secpod.oval:def:53773 The password lcredit should meet minimum requirements using pam_cracklib
oval:org.secpod.oval:def:53866 The password dcredit should meet minimum requirements using pam_cracklib
oval:org.secpod.oval:def:53814 The RPM package httpd should be removed.
oval:org.secpod.oval:def:53929 The RPM package net-snmp should be removed.
oval:org.secpod.oval:def:53911 The gpgcheck option should be used to ensure that checking of an RPM package's signature always occurs prior to its installation.
oval:org.secpod.oval:def:53901 The kernel runtime parameter "kernel.randomize_va_space" should be set to "2".
oval:org.secpod.oval:def:53805 Emulation of the rsh command through the ssh server should be disabled (and dependencies are met)
oval:org.secpod.oval:def:53888 This test makes sure that '/etc/gshadow' has the appropriate permissions set. If the target file or directory has an extended ACL then it will fail the mode check.
oval:org.secpod.oval:def:53783 The RPM package aide should be installed.
oval:org.secpod.oval:def:53878 System Audit Logs Must Have Mode 0640 or Less Permissive (/var/log/audit/*) should be configured appropriately.
oval:org.secpod.oval:def:53891 The pcscd service should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53758 The ip6tables service should be enabled if possible.
oval:org.secpod.oval:def:53887 By default, locally configured printers will not be shared over the network, but if this functionality has somehow been enabled, these recommendations will disable it again. Be sure to disable outgoing printer list broadcasts, or remote users will still be able to see the locally configured printers ...
oval:org.secpod.oval:def:53848 The password difok should meet minimum requirements using pam_cracklib
oval:org.secpod.oval:def:53782 The /etc/httpd/conf/* files should have the appropriate permissions.
oval:org.secpod.oval:def:53836 The kernel module freevxfs should be disabled.
oval:org.secpod.oval:def:53840 SSH warning banner should be enabled (and dependencies are met).
oval:org.secpod.oval:def:53910 Protect against unnecessary release of information.
oval:org.secpod.oval:def:53722 The changing of file permissions and attributes should be audited.
oval:org.secpod.oval:def:53707 The changing of file permissions and attributes should be audited.
oval:org.secpod.oval:def:53733 The kernel runtime parameter "fs.suid_dumpable" should be set to "0".
oval:org.secpod.oval:def:53809 Logins through the Direct root Logins Not Allowed should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53760 The dynamic DNS feature of the DHCP server should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53743 Disable Avahi Publishing (/etc/avahi/avahi-daemon.conf) should be configured appropriately.
oval:org.secpod.oval:def:53790 The mdmonitor service should be disabled if possible.
oval:org.secpod.oval:def:53843 The SELinux state should be enforcing the local policy.
oval:org.secpod.oval:def:53811 The kernel runtime parameter "net.ipv4.conf.all.log_martians" should be set to "1".
oval:org.secpod.oval:def:53826 The RPM package telnet-server should be removed.
oval:org.secpod.oval:def:53907 The quota_nld service should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53748 The password ucredit should meet minimum requirements using pam_cracklib
oval:org.secpod.oval:def:53850 Disable Prelinking (/etc/sysconfig/prelink) should be configured appropriately.
oval:org.secpod.oval:def:53757 The changing of file permissions and attributes should be audited.
oval:org.secpod.oval:def:53831 Record attempts to alter time through adjtimex.
oval:org.secpod.oval:def:53703 The rsyslog service should be enabled if possible.
oval:org.secpod.oval:def:53815 The messagebus service should be disabled if possible.
oval:org.secpod.oval:def:53875 Avahi should be configured to accept packets with a TTL field not equal to 255 or not as appropriate.
oval:org.secpod.oval:def:53940 The kernel module sctp should be disabled.
oval:org.secpod.oval:def:53755 The tftp service should be disabled if possible.
oval:org.secpod.oval:def:53886 The ntpdate service should be disabled if possible.
oval:org.secpod.oval:def:53942 The squid service should be disabled if possible.
oval:org.secpod.oval:def:53808 The netconsole service should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53756 The bluetooth service should be disabled if possible.
oval:org.secpod.oval:def:53714 The kernel module hfsplus should be disabled.
oval:org.secpod.oval:def:53810 The abrtd service should be disabled if possible.
oval:org.secpod.oval:def:53898 PermitUserEnvironment should be disabled
oval:org.secpod.oval:def:53710 The /etc/passwd file should be owned by the appropriate group.
oval:org.secpod.oval:def:53721 The kernel runtime parameter "net.ipv4.ip_forward" should be set to "0".
oval:org.secpod.oval:def:53846 The kernel runtime parameter "net.ipv4.conf.default.rp_filter" should be set to "1".
oval:org.secpod.oval:def:53816 The SELinux policy should be set appropriately.
oval:org.secpod.oval:def:53774 The number of allowed failed logins should be set correctly.
oval:org.secpod.oval:def:53744 The CUPS print service can be configured to broadcast a list of available printers to the network. Other machines on the network, also running the CUPS print service, can be configured to listen to these broadcasts and add and configure these printers for immediate use. By disabling this browsing ca ...
oval:org.secpod.oval:def:53916 The changing of file permissions and attributes should be audited.
oval:org.secpod.oval:def:53941 Configure statd to use static port (/etc/sysconfig/nfs) should be configured appropriately.
oval:org.secpod.oval:def:53771 The apache2 server's ServerSignature value should be set appropriately.
oval:org.secpod.oval:def:53752 Record attempts to alter time through clock_settime.
oval:org.secpod.oval:def:53881 space_left_action setting in /etc/audit/auditd.conf is set to a certain action
oval:org.secpod.oval:def:53828 Audit rules about the Unauthorized Access Attempts to Files (unsuccessful) are enabled
oval:org.secpod.oval:def:53747 The anacron service should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53858 Disable URL Correction on Misspelled Entries (/etc/httpd/conf/httpd.conf) should be configured appropriately.
oval:org.secpod.oval:def:53882 The yum-updatesd service should be disabled
oval:org.secpod.oval:def:53793 DHCPDECLINE messages should be accepted or denied by the DHCP server as appropriate
oval:org.secpod.oval:def:53869 The vsftpd service should be disabled if possible.
oval:org.secpod.oval:def:53938 The kernel runtime parameter "net.ipv4.conf.all.secure_redirects" should be set to "0".
oval:org.secpod.oval:def:53784 Record Events that Modify the System's Discretionary Access Controls - chmod. The changing of file permissions and attributes should be audited.
oval:org.secpod.oval:def:53842 Root login via SSH should be disabled (and dependencies are met)
oval:org.secpod.oval:def:53874 The squashfs Kernel Module should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53876 The RPM package openldap-servers should be removed.
oval:org.secpod.oval:def:53731 This test makes sure that the '/etc/shadow' file permission is set as appropriate. If the target file or directory has an extended ACL then it will fail the mode check.
oval:org.secpod.oval:def:53903 Disable LDAP Support (/etc/httpd/conf/httpd.conf) should be configured appropriately.
oval:org.secpod.oval:def:53711 Audit rules that detect the mounting of filesystems should be enabled.
oval:org.secpod.oval:def:53801 Configure SNMP Service to Use Only SNMPv3 or Newer (/etc/snmp/snmpd.conf) should be configured appropriately.
oval:org.secpod.oval:def:53701 The atd service should be disabled if possible.
oval:org.secpod.oval:def:53799 Set Password to Maximum of Three Consecutive Repeating Characters should be configured appropriately.
oval:org.secpod.oval:def:53902 The RPM package vsftpd should be removed.
oval:org.secpod.oval:def:53704 The password retry should meet minimum requirements using pam_cracklib
oval:org.secpod.oval:def:53925 Logging of vsftpd transactions should be enabled or disabled as appropriate
oval:org.secpod.oval:def:53879 The RPM package dovecot should be removed.
oval:org.secpod.oval:def:53713 The postfix service should be enabled if possible.
oval:org.secpod.oval:def:53785 Audit rules that detect changes to the system's mandatory access controls (SELinux) are enabled.
oval:org.secpod.oval:def:53867 max_log_file_action setting in /etc/audit/auditd.conf is set to a certain action
oval:org.secpod.oval:def:53702 The ability for users to perform interactive startups should be disabled.
oval:org.secpod.oval:def:53709 The changing of file permissions and attributes should be audited.
oval:org.secpod.oval:def:53778 The kernel runtime parameter "net.ipv4.conf.default.secure_redirects" should be set to "0".
oval:org.secpod.oval:def:53883 The /etc/passwd file should be owned by the appropriate user.
oval:org.secpod.oval:def:53899 The ntpd service should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53877 The rdisc service should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53769 Manually configure addresses for IPv6
oval:org.secpod.oval:def:53736 The RPM package bind should be removed.
oval:org.secpod.oval:def:53715 The kernel module usb-storage should be disabled.
oval:org.secpod.oval:def:53737 Record attempts to alter time through settimeofday.
oval:org.secpod.oval:def:53725 The RPM package tftp-server should be removed.
oval:org.secpod.oval:def:53917 Configure the system to notify users of last logon/access using pam_lastlog.
oval:org.secpod.oval:def:53889 Require samba clients which use smb.conf, such as smbclient, to use packet signing. A Samba client should only communicate with servers who can support SMB packet signing.
oval:org.secpod.oval:def:53794 The rpcsvcgssd service should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53817 Core dumps for all users should be disabled
oval:org.secpod.oval:def:53765 Limit the ciphers to those which are FIPS-approved and only use ciphers in counter (CTR) mode.
oval:org.secpod.oval:def:53742 System Audit Logs Must Be Owned By Root (/var/log/*) should be configured appropriately.
oval:org.secpod.oval:def:53781 The RPM package ypserv should be removed.
oval:org.secpod.oval:def:53764 Directory permissions for /etc/httpd/conf/ should be set as appropriate.
oval:org.secpod.oval:def:53705 The requirement for a password to boot into single-user mode should be configured correctly.
oval:org.secpod.oval:def:53751 The acpid service should be disabled if possible.
oval:org.secpod.oval:def:53834 A warning banner for all FTP users should be enabled or disabled as appropriate
oval:org.secpod.oval:def:53719 The Apache qpidd service should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53943 The /etc/shadow file should be owned by the appropriate user.
oval:org.secpod.oval:def:53759 The smartd service should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53779 Disable Server Activity Status (/etc/httpd/conf/httpd.conf) should be configured appropriately.
oval:org.secpod.oval:def:53861 The httpd service should be disabled if possible.
oval:org.secpod.oval:def:53922 The changing of file permissions and attributes should be audited.
oval:org.secpod.oval:def:53853 The kernel runtime parameter "net.ipv4.tcp_syncookies" should be set to "1".
oval:org.secpod.oval:def:53777 The kernel module hfs should be disabled.
oval:org.secpod.oval:def:53919 The lockd service should be configured to use a static port or a dynamic portmapper port for TCP as appropriate.
oval:org.secpod.oval:def:53716 Record attempts to alter time through stime; note that this is only relevant on 32-bit architecture.
oval:org.secpod.oval:def:53712 Restrict Access to Anonymous Users should be configured appropriately.
oval:org.secpod.oval:def:53908 Require the use of TLS for ldap clients.
oval:org.secpod.oval:def:53717 The password hashing algorithm should be set correctly in /etc/pam.d/system-auth.
oval:org.secpod.oval:def:53762 Disable Logwatch on Clients if a Logserver Exists (/etc/cron.daily/0logwatch) should be configured appropriately.
oval:org.secpod.oval:def:53894 The portreserve service should be disabled if possible.
oval:org.secpod.oval:def:53923 The file /etc/pam.d/system-auth should not contain the nullok option
oval:org.secpod.oval:def:53745 The RPM package rsyslog should be installed.
oval:org.secpod.oval:def:53862 The kernel runtime parameter "net.ipv4.conf.all.accept_redirects" should be set to "0".
oval:org.secpod.oval:def:53937 The rlogin service should be disabled if possible.
oval:org.secpod.oval:def:53723 The '/etc/shadow' file should be owned by the appropriate group.
oval:org.secpod.oval:def:53727 Root squashing should be enabled or disabled as appropriate for all NFS shares.
oval:org.secpod.oval:def:53936 The mountd service should be configured to use a static port or a dynamic portmapper port as appropriate
oval:org.secpod.oval:def:53905 Ensure all yum repositories utilize signature checking.
oval:org.secpod.oval:def:53818 Disable Zeroconf automatic route assignment in the 169.254.0.0 subnet.
oval:org.secpod.oval:def:53931 The kernel module dccp should be disabled.
oval:org.secpod.oval:def:53912 Require the use of TLS for ldap clients.
oval:org.secpod.oval:def:53795 Restriction of NFS clients to privileged ports should be enabled or disabled as appropriate
oval:org.secpod.oval:def:53700 The nfs service should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53798 Disable WebDAV (Distributed Authoring and Versioning) (/etc/httpd/conf/httpd.conf) should be configured appropriately.
oval:org.secpod.oval:def:53767 The kernel runtime parameter "net.ipv6.conf.default.accept_ra" should be set to "0".
oval:org.secpod.oval:def:53920 SSH's cryptographic host-based authentication is more secure than .rhosts authentication. However, it is not recommended that hosts unilaterally trust one another, even within an organization.
oval:org.secpod.oval:def:53796 The SELinux state should be set appropriately.
oval:org.secpod.oval:def:53873 Directory permissions for /var/log/httpd should be set appropriately.
oval:org.secpod.oval:def:53939 The Avahi daemon should be configured to serve via IPv6 or not as appropriate.
oval:org.secpod.oval:def:53854 The changing of file permissions and attributes should be audited.
oval:org.secpod.oval:def:53706 The password hashing algorithm should be set correctly in /etc/libuser.conf.
oval:org.secpod.oval:def:53913 Configure Periodic Execution of AIDE (/etc/crontab) should be configured appropriately.
oval:org.secpod.oval:def:53749 Disable Cache Support (/etc/httpd/conf/httpd.conf) should be configured appropriately.
oval:org.secpod.oval:def:53753 The netfs service should be disabled if possible.
oval:org.secpod.oval:def:53863 The '.rhosts' or 'hosts.equiv' files should or should not exist on the system.
oval:org.secpod.oval:def:53822 Limit Users SSH Access should be configured appropriately.
oval:org.secpod.oval:def:53740 The kernel module udf should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53895 The Samba (SMB) service should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53728 The network environment should not be modified by anything other than administrator action. Any change to network parameters should be audited.
oval:org.secpod.oval:def:53775 The crond service should be enabled if possible.
oval:org.secpod.oval:def:53880 The dovecot service should be disabled if possible.
oval:org.secpod.oval:def:53732 The kernel runtime parameter "net.ipv4.conf.default.send_redirects" should be set to "0".
oval:org.secpod.oval:def:53906 The kernel runtime parameter "net.ipv4.icmp_echo_ignore_broadcasts" should be set to "1".
oval:org.secpod.oval:def:53914 The kernel module jffs2 should be disabled.
oval:org.secpod.oval:def:53855 The changing of file permissions and attributes should be audited.
oval:org.secpod.oval:def:53820 Disable Server Side Includes (/etc/httpd/conf/httpd.conf) should be configured appropriately.
oval:org.secpod.oval:def:53797 Check if SplitHosts line in logwatch.conf is set appropriately.
oval:org.secpod.oval:def:53830 The /etc/gshadow file should be owned by the appropriate user.
oval:org.secpod.oval:def:53791 The disable option will allow the IPv6 module to be inserted, but prevent address assignment and activation of the network stack.
oval:org.secpod.oval:def:53776 A remote NTP Server for time synchronization should be specified (and dependencies are met)
oval:org.secpod.oval:def:53807 The cpuspeed service should be disabled if possible.
oval:org.secpod.oval:def:53800 The auditd service should be enabled if possible.
oval:org.secpod.oval:def:53857 The sysstat service should be disabled if possible.
oval:org.secpod.oval:def:53865 Ensure Default Password Is Not Used (/etc/snmp/snmpd.conf) should be configured appropriately.
oval:org.secpod.oval:def:53720 The daemon umask should be set as appropriate
oval:org.secpod.oval:def:53824 Ensure Insecure File Locking is Not Allowed (/etc/exports) should be configured appropriately.
oval:org.secpod.oval:def:53944 The kernel module cramfs should be disabled.
oval:org.secpod.oval:def:53841 Specify UID and GID for Anonymous NFS Connections (/etc/exports) should be configured appropriately.
oval:org.secpod.oval:def:53870 The kernel runtime parameter "net.ipv4.conf.all.rp_filter" should be set to "1".
oval:org.secpod.oval:def:53897 The TFTP daemon should use secure mode.
oval:org.secpod.oval:def:53856 The kernel runtime parameter "net.ipv4.conf.default.accept_redirects" should be set to "0".
oval:org.secpod.oval:def:53900 Record attempts to alter time through /etc/localtime
oval:org.secpod.oval:def:53735 The /etc/group file should be owned by the appropriate user.
oval:org.secpod.oval:def:53766 Audit file deletion events.
oval:org.secpod.oval:def:53838 The dhcpd service should be disabled if possible.
oval:org.secpod.oval:def:53724 The certmonger service should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53928 Global IPv6 initialization should be disabled.
oval:org.secpod.oval:def:53786 This test makes sure that '/etc/passwd' has proper permission. If the target file or directory has an extended ACL then it will fail the mode check.
oval:org.secpod.oval:def:53768 The lockd service should be configured to use a static port or a dynamic portmapper port for UDP as appropriate.
oval:org.secpod.oval:def:53827 The default umask for users of the bash shell
oval:org.secpod.oval:def:53813 Avahi should be configured to allow other stacks from binding to port 5353 or not as appropriate.
oval:org.secpod.oval:def:53924 The /etc/group file should be owned by the appropriate group.
oval:org.secpod.oval:def:53871 The avahi-daemon service should be disabled if possible.
oval:org.secpod.oval:def:53823 The SSH idle timeout interval should be set to an appropriate value.
oval:org.secpod.oval:def:53780 The minimum password age policy should be set appropriately.
oval:org.secpod.oval:def:53680 The maximum number of concurrent login sessions per user should meet minimum requirements.
oval:org.secpod.oval:def:53682 Force a reboot to change audit rules is enabled
oval:org.secpod.oval:def:53681 The Kernel Parameter for Accepting Source-Routed Packets By Default should be enabled or disabled as appropriate. The kernel runtime parameter "net.ipv4.conf.default.accept_source_route" should be set to "0".
oval:org.secpod.oval:def:53684 The number of allowed failed logins should be set correctly.
oval:org.secpod.oval:def:53683 The 'rsyslog' to Accept Messages via TCP, if Acting As Log Server should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53675 Define default gateways for IPv6 traffic
oval:org.secpod.oval:def:53674 Audit rules should detect modification to system files that hold information about users and groups.
oval:org.secpod.oval:def:53677 The number of allowed failed logins should be set correctly.
oval:org.secpod.oval:def:53676 The changing of file permissions and attributes should be audited.
oval:org.secpod.oval:def:53679 The HTTPD Proxy Module Support should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53678 The rpcgssd service should be disabled if possible.
oval:org.secpod.oval:def:53691 The RPM package screen should be installed.
oval:org.secpod.oval:def:53690 The logrotate (syslog rotater) service should be enabled.
oval:org.secpod.oval:def:53693 The screen saver should be blank.
oval:org.secpod.oval:def:53692 Systems that are using the 64-bit x86 kernel package do not need to install the kernel-PAE package because the 64-bit x86 kernel already includes this support. However, if the system is 32-bit and also supports the PAE and NX features as determined in the previous section, the kernel-PAE package sho ...
oval:org.secpod.oval:def:53695 Disable Web Server Configuration Display (/etc/httpd/conf/httpd.conf) should be configured appropriately.
oval:org.secpod.oval:def:53694 File uploads via vsftpd should be enabled or disabled as appropriate
oval:org.secpod.oval:def:53686 The autofs service should be disabled if possible.
oval:org.secpod.oval:def:53685 Configure Dovecot to Use the SSL Key file should be configured appropriately.
oval:org.secpod.oval:def:53688 The kernel module tipc should be disabled.
oval:org.secpod.oval:def:53687 Postfix network listening should be disabled
oval:org.secpod.oval:def:53689 The root account is the only system account that should have a login shell.
oval:org.secpod.oval:def:53697 Dovecot plaintext authentication of clients should be enabled or disabled as necessary
oval:org.secpod.oval:def:53696 The default umask for users of the csh shell
oval:org.secpod.oval:def:53699 The cgconfig service should be disabled if possible.
oval:org.secpod.oval:def:53698 The oddjobd service should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53651 The default umask for all users specified in /etc/login.defs
oval:org.secpod.oval:def:53650 The kernel module rds should be disabled.
oval:org.secpod.oval:def:53644 max_log_file setting in /etc/audit/auditd.conf is set to at least a certain value
oval:org.secpod.oval:def:53643 The cgred service should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53646 The psacct service should be enabled if possible.
oval:org.secpod.oval:def:53645 The kernel module bluetooth should be disabled.
oval:org.secpod.oval:def:53648 The mod_security package installation should be configured appropriately.
oval:org.secpod.oval:def:53647 If inbound SSH access is not needed, the firewall should disallow or reject access to the SSH port (22).
oval:org.secpod.oval:def:53649 The RPM package sendmail should be removed.
oval:org.secpod.oval:def:53660 The kernel runtime parameter "net.ipv4.conf.all.send_redirects" should be set to "0".
oval:org.secpod.oval:def:53662 Audit rules should be configured to log successful and unsuccessful logon and logout events.
oval:org.secpod.oval:def:53661 Remote connections (SSH) from accounts with empty passwords should be disabled (and dependencies are met).
oval:org.secpod.oval:def:53653 The kernel runtime parameter "kernel.dmesg_restrict" should be set to "1".
oval:org.secpod.oval:def:53652 The rsh service should be disabled if possible.
oval:org.secpod.oval:def:53655 The kernel runtime parameter "net.ipv4.conf.all.accept_source_route" should be set to "0".
oval:org.secpod.oval:def:53654 Disable HTTP mod_rewrite (/etc/httpd/conf/httpd.conf) should be configured appropriately.
oval:org.secpod.oval:def:53657 The apache2 server's ServerTokens value should be set appropriately
oval:org.secpod.oval:def:53656 The password ocredit should meet minimum requirements using pam_cracklib
oval:org.secpod.oval:def:53659 The iptables service should be enabled if possible.
oval:org.secpod.oval:def:53658 num_logs setting in /etc/audit/auditd.conf is set to at least a certain value
oval:org.secpod.oval:def:53671 The rsyslog to Accept Messages via UDP, if Acting As Log Server should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53670 Plaintext authentication of mail clients should be enabled or disabled as appropriate.
oval:org.secpod.oval:def:53673 Configure auditd to use audispd plugin (/etc/audisp/plugins.d/syslog.conf) should be configured appropriately.
oval:org.secpod.oval:def:53672 The RPM package openswan should be installed.
oval:org.secpod.oval:def:53664 The system's default desktop environment, GNOME, uses a number of different thumbnailer programs to generate thumbnails for any new or modified content in an opened folder. Disable the execution of these thumbnail applications within GNOME.
oval:org.secpod.oval:def:53663 The .netrc files contain login information used to auto-login into FTP servers and reside in the user's home directory. Any .netrc files should be removed.
oval:org.secpod.oval:def:53666 Idle activation of the screen saver should be enabled.
oval:org.secpod.oval:def:53665 The cups service should be disabled if possible.
oval:org.secpod.oval:def:53668 Disable HTTP Digest Authentication (/etc/httpd/conf/httpd.conf) should be configured appropriately.
oval:org.secpod.oval:def:53667 BOOTP queries should be accepted or denied by the DHCP server as appropriate.
oval:org.secpod.oval:def:53669 Logging (/etc/rsyslog.conf) should be configured appropriately.
oval:org.secpod.oval:def:53926 Preventing direct root login to virtual console devices helps ensure accountability for actions taken on the system using the root account.
oval:org.secpod.oval:def:53859 The maximum password age policy should meet minimum requirements.
oval:org.secpod.oval:def:53909 The password warning age should be set appropriately.
oval:org.secpod.oval:def:53741 The accounts should be configured to expire automatically following inactivity.