[Forgot Password]
Login  Register Subscribe

30192

 
 

423868

 
 

233236

 
 

909

 
 

186272

 
 

207

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 30192 Download | Alert*

If events associated with non-local administrative access or diagnostic sessions are not logged, a major tool for assessing and investigating attacks would not be available. This requirement addresses auditing-related issues associated with maintenance tools used specifically for diagnostic and repair actions on organizational information systems. Non-local maintenance and diagnostic activities ...

The group of the audit logs must be root. Fix: chown -R :0 /var/audit

Bluetooth sharing allows users to wirelessly transmit files between Mac OS X and Bluetooth-enabled devices, including personally owned cell phones and tablets. A malicious user might introduce viruses or malware onto the system or extract sensitive files. Disabling Bluetooth Sharing mitigates this risk. Fix: To disable Bluetooth Sharing, open System Preferences->Sharing and uncheck the box nex ...

It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. Operating systems are capable of providing a wide variety of functions and services. ...

Audit log files _MUST_ have the group set to wheel. The audit service _MUST_ be configured to create log files with the correct group ownership to prevent normal users from reading audit logs. Audit logs contain sensitive data about the system and users. If log files are set to be readable and writable only by system administrators, the risk is mitigated. Fix: /usr/bin/chgrp -R wheel $(/usr/b ...

The audit system _MUST_ be configured to record enforcement actions of access restrictions, including failed program execute (-ex) attempts. Enforcement actions are the methods or mechanisms used to prevent unauthorized access and/or changes to configuration settings. One common and effective enforcement action method is using program execution restrictions (e.g., denying users access to execute ...

A deny-all and allow-by-exception firewall policy _MUST_ be employed for managing connections to other systems. Organizations _MUST_ ensure the built-in packet filter firewall is configured correctly to employ the default deny rule. Failure to restrict network connectivity to authorized systems permits inbound connections from malicious systems. It also permits outbound connections that may fac ...

DVD or CD sharing allows other users to remotely access the systems optical drive. Disabling this feature will minimize the risk of an attacker accessing the optical drive and using it as a vector to expose sensitive data. Fix /bin/launchctl unload -w /System/Library/LaunchDaemons/com.apple.ODSAgent.plist

ICMP redirects are broadcast in order to reshape network traffic. A malicious user could craft fake redirect packets and try to force all network traffic to pass through a network sniffer. If the system is not configured to ignore these packets, it could be suspectible to this kind of attack. Fix: To configure the system to ignore ICMP redirect messages, add the following line to /etc/sysctl.conf ...

An attacker might attempt to log in as an authorized user, through stolen credentials, unpatched exploits, or brute force attempts to guess a valid username and password. If a user is attempting to log in to a system at an unusual time, or if there are many failed attempts, there is a possibility that the system is the target of an attack. Auditing logon events mitigates this risk by recording all ...


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   3019

© SecPod Technologies