[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 25354 Download | Alert*

Ensure telnet server is not enabled The telnet-server package contains the telnet daemon, which accepts connections from users from other systems via the telnet protocol.

Disable Mounting of squashfs Filesystems The squashfs filesystem type is a compressed read-only Linux filesystem embedded in small footprint systems (similar to cramfs). A squashfs image can be used without having to first decompress the image.

Ensure rsh server is not enabled The Berkeley rsh-server (rsh, rlogin, rcp) package contains legacy services that exchange credentials in clear-text.

Do Not Allow Users to Set Environment Options The PermitUserEnvironment option allows users to present environment options to the ssh daemon.

Collect System Administrator Actions (sudolog) Monitor the sudo log file. If the system has been properly configured to disable the use of the su command and force all administrators to have to log in first and then use sudo to execute privileged commands, then all administrator commands will be logged to /var/log/sudo.log. Any time a command is executed, an audit event will be triggered as the / ...

Set SSH IgnoreRhosts to Yes The IgnoreRhosts parameter specifies that .rhosts and .shosts files will not be used in RhostsRSAAuthentication or HostbasedAuthentication.

Set User/Group Owner and Permission on /etc/cron.weekly The /etc/cron.weekly directory contains system cron jobs that need to run on a weekly basis. The files in this directory cannot be manipulated by the crontab command, but are instead edited by system administrators using a text editor. The commands below restrict read/write and search access to user and group root, preventing regular users f ...

Ensure DHCP Server is not enabled The Dynamic Host Configuration Protocol (DHCP) is a service that allows machines to be dynamically assigned IP addresses.

Set Password Creation Requirement Parameters Using pam_cracklib The pam_cracklib module checks the strength of passwords. It performs checks such as making sure a password is not a dictionary word, it is a certain length, contains a mix of characters (e.g. alphabet, numeric, other) and more. The following are definitions of the pam_cracklib.so options. * retry=3 - Allow 3 tries before sending ...

Set LogLevel to INFO The INFO parameter specifices that record login and logout activity will be logged.

Pages:      Start    2    3    4    5    6    7    8    9    10    11    12    13    14    15    ..   2535

© SecPod Technologies