[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

247085

 
 

909

 
 

194218

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 193241 Download | Alert*

The setting controls whether mobile accounts, which synchronize home folders between clients and servers, are visible in the login window. In loginwindow.plist, set the HideMobileAccounts key = true to hide mobile accounts. If the key does not exist, mobile accounts are displayed.

Account creations and account modfications, such as disablement and termination, can all be signs of an intrusion and should be audited. Once an attacker establishes access to a system, the attacker may attempt to create an account to reestablish access at a later time. The attacker may also attempt to modify accounts in an attempt to change an existing account's privileges or disable or delete ac ...

The setting controls whether network users are listed in the login window. In loginwindow.plist, set the IncludeNetworkUser key = false to hide network users. If the key does not exist, network users are not displayed.

Remote access services, such as those providing remote access to network devices and information systems, increase risk and expose those systems to possible cyber attacks, so all remote access should be closely monitored and audited. Only authorized users should be permitted to remotely access DoD non-public information systems. An attacker might attempt to log in as an authorized user, through st ...

Kernel modules, called kernel extensions in Mac OS X, are compiled segments of code that are dynamically loaded into the kernel as required to support specific pieces of hardware or functionality. Privileged users are permitted to load or unload kernel extensions manually. An attacker might attempt to load a kernel extension that is known to be insecure to increase the attack surface of the system ...

Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised information system accounts, is a serious and ongoing concern and can have significant adverse impacts on organizations. Auditing the use of privileged functions is one way to detect such misuse, and identify the risk from insider threats and the a ...

The permissions of bash 'init' files must be 444 or as appropriate. /etc/profile it is used to set system wide environmental variables on users shells. /etc/bashrc file is meant for setting command aliases and functions used by bash shell users.

The owner of 'csh init' files must be root or as appropriate. Use the command chown root /etc/csh.cshrc /etc/csh.login /etc/csh.logout to change the owner as appropriate.

Specifies the maximum time the login window can be inactive before the screen saver starts. This is distinct from a user session's idle time. Setting to 900 seconds (15 minutes) instead of the OEM value of unlimited. In loginwindow.plist, set the loginWindowIdleTime key = 900. If the key does not exist, idle time is unlimited.

The owner of the audit logs must be root or as appropriate.


Pages:      Start    11379    11380    11381    11382    11383    11384    11385    11386    11387    11388    11389    11390    11391    11392    ..   19324

© SecPod Technologies