[Forgot Password]
Login  Register Subscribe

24437

 
 

131815

 
 

116370

 
 

909

 
 

90976

 
 

142

 
 
Paid content will be excluded from the download.

Filter
Matches : 24437 Download | Alert*

Set Permissions on the /etc/httpd/conf/ Directory Set permissions on the web server configuration directory to 750: '$ sudo chmod 750 /etc/httpd/conf/'

Set SSH Idle Timeout Interval SSH allows administrators to set an idle timeout interval. After this interval has passed, the idle user will be automatically logged out. To set an idle timeout interval, edit the following line in '/etc/ssh/sshd_config' as follows: 'ClientAliveInterval

Record Events that Modify the System's Discretionary Access Controls - fchownat At a minimum the audit system should collect file permission changes for all users and root. If the 'auditd' daemon is configured to use the 'augenrules' program to read audit rules during daemon startup (the default), add the following line to a file with suffix '.rules' in the directory '/etc/audit/rules.d': '-a alw ...

Record Attempts to Alter Time Through stime If the 'auditd' daemon is configured to use the 'augenrules' program to read audit rules during daemon startup (the default), add the following line to a file with suffix '.rules' in the directory '/etc/audit/rules.d' for both 32 bit and 64 bit systems: '-a always,exit -F arch=b32 -S stime -k audit_time_rules' Since the 64 bit version of the "stime" sys ...

Restrict Serial Port Root Logins To restrict root logins on serial ports, ensure lines of this form do not appear in '/etc/securetty': ttyS0 ttyS1

Record Events that Modify the System's Discretionary Access Controls - fchown At a minimum the audit system should collect file permission changes for all users and root. If the 'auditd' daemon is configured to use the 'augenrules' program to read audit rules during daemon startup (the default), add the following line to a file with suffix '.rules' in the directory '/etc/audit/rules.d': '-a alway ...

Set Password Strength Minimum Special Characters The pam_pwquality module's 'ocredit=' parameter controls requirements for usage of special (or "other") characters in a password. When set to a negative number, any password will be required to contain that many special characters. When set to a positive number, pam_pwquality will grant +1 additional length credit for each special character. Modif ...

Disable Print Server Capabilities To prevent remote users from potentially connecting to and using locally configured printers, disable the CUPS print server sharing capabilities. To do so, limit how the server will listen for print jobs by removing the more generic port directive from /etc/cups/cupsd.conf: 'Port 631' and replacing it with the 'Listen' directive: 'Listen localhost:631' This will ...

Ensure auditd Collects Unauthorized Access Attempts to Files (unsuccessful) At a minimum the audit system should collect unauthorized file accesses for all users and root. If the 'auditd' daemon is configured to use the 'augenrules' program to read audit rules during daemon startup (the default), add the following lines to a file with suffix '.rules' in the directory '/etc/audit/rules.d': -a alwa ...

Ensure Default Password Is Not Used Edit '/etc/snmp/snmpd.conf', remove default community string 'public'. Upon doing that, restart the SNMP service: '$ sudo service snmpd restart'


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   2443

© SecPod Technologies