
Without generating audit records specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. Audit records can be generated from various components within the information system (e.g., module or policy filter). Satisfies: SRG-OS-000037-GPOS-00015, SRG-OS-0000 ...

The contents of the /etc/issue file are displayed to users prior to login for local terminals. Rationale: If the /etc/issue file does not have the correct ownership and permissions it could be modified by unauthorized users with incorrect or misleading information. Fix: Run the following commands to set permissions on /etc/issue: # chown root:root /etc/is ...

Description: By default GNOME automatically mounts removable media when inserted as a convenience to the user. Rationale: With automounting enabled, anyone with physical access could attach a USB drive or disc and have its contents available in the system even if they lacked permissions to mount it themselves. Fix: Edit or create the file /etc/dconf/db/loca ...

Description: The `nosuid` mount option specifies that the filesystem cannot contain `setuid` files. Rationale: Setting this option on a file system prevents users from introducing privileged programs onto the system and allowing non-root users to execute them. Audit: Verify that the `nosuid` option is set if a `/var` partition exists. Run the following command and verify that nothing is returned: # ...

Title: Ensure systemd-journal-remote is installed Description: Journald (via systemd-journal-remote) supports the ability to send log events it gathers to a remote log host or to receive messages from remote hosts, thus enabling centralized log management. Rationale: Storing log data on a remote host protects log integrity from local attacks. If an attacker gains root access on the ...

Title: Ensure journald log rotation is configured per site policy (SystemMaxUse) Description: Journald includes the capability of rotating log files regularly to avoid filling up the system with logs or making the logs unmanageably large. The file /etc/systemd/journald.conf is the configuration file used to specify how logs generated by Journald should be rotated. Rationale: By keeping ...

Title: Ensure journald default file permissions configured Description: Journald will create logfiles that do not already exist on the system. This setting controls what permissions will be applied to these newly created files. Rationale: It is important to ensure that log files have the correct permissions to ensure that sensitive data is archived and protected. Audit: First see ...

Title: Ensure nosuid option set on /var/log/audit partition Description: The nosuid mount option specifies that the filesystem cannot contain setuid files. Rationale: Since the /var/log/audit filesystem is only intended for variable files such as logs, set this option to ensure that users cannot create setuid files in /var/log/audit. Audit: Verify that the nosuid option is se ...

X Display Manager Control Protocol (XDMCP) is designed to provide authenticated access to display management services for remote displays. Rationale: XDMCP is inherently insecure. 1. XDMCP is not a ciphered protocol. This may allow an attacker to capture keystrokes entered by a user. 2. XDMCP is vulnerable to man-in-the-middle attacks. This may allow an attacker to ...

Description: GDM is the GNOME Display Manager, which handles graphical login for GNOME-based systems. The disable-user-list option controls whether a list of users is displayed on the login screen. Rationale: Displaying the user list eliminates half of the Userid/Password equation that an unauthorized person would need to log on. Fix: Edit or create the file ...



© SecPod Technologies