[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256040

 
 

909

 
 

199103

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 30477 Download | Alert*

Ensure HTTP Server is not enabled (Not Scored) HTTP or web servers provide the ability to host web site content.

Set Default Group for root Account (Scored) The usermod command can be used to specify which group the root user belongs to. This affects permissions of files that are created by the root user.

Set Warning Banner for Standard Login Services (Scored) The contents of the /etc/issue file are displayed prior to the login prompt on the system's console and serial devices, and also prior to logins via telnet. The contents of the /etc/motd file is generally displayed after all successful logins, no matter where the user is logging in from, but is thought to be less useful because it only provi ...

Remove OS Information from Login Warning Banners (Scored) Unix-based systems have typically displayed information about the OS release and patch level upon logging in to the system. This information can be useful to developers who are developing software for a particular OS platform. If mingetty(8) supports the following options, they display operating system information: \m - machine architectur ...

Ensure Password Fields are Not Empty (Scored) An account with an empty password field means that anybody may log in as that user without providing a password.

Auditing of 'Object Access:��Filtering Platform Packet Drop' events on success should be enabled or disabled as appropriate.

Auditing of 'Object Access:��Kernel Object' events on failure should be enabled or disabled as appropriate.

Disable Expired User Accounts If temporary user accounts remain active when no longer needed or for an excessive period, these accounts may be targeted by attackers to gain unauthorized access. To mitigate this risk, automated termination of all temporary accounts must be set upon account creation. Temporary accounts are established as part of normal account activation procedures when there is a ...

Automatically lock the account until the locked accoutn is released By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account. Setting a lockout expiration of 15 minutes is an effective deterrent against brute forcing that also makes allowances for legi ...

Disable the Prompt for Apple ID and iCloud The prompt for Apple ID and iCloud must be disabled, as it might mislead new users into creating unwanted Apple IDs and iCloud storage accounts upon their first login.


Pages:      Start    3001    3002    3003    3004    3005    3006    3007    3008    3009    3010    3011    3012    3013    3014    ..   3047

© SecPod Technologies