Definition of CIS benchmark for SUSE Linux Enterprise Micro (SLEM) 5 for slmicro5
based on https://www.cisecurity.org/cis-benchmarks/#suse_linux
1.1.1.1: Ensure mounting of squashfs filesystems is disabled
Description: None
Levels:
Automated: yes
Selections:
1.1.1.2: Ensure mounting of udf filesystems is disabled
Description: None
Levels:
Automated: yes
Selections:
1.1.1.3: Ensure mounting of FAT filesystems is limited
Description: None
Levels:
Automated: yes
Selections:
1.1.2: Ensure /tmp is configured
Description: None
Levels:
Automated: no
No rules selected
1.1.3: Ensure noexec option set on /tmp partition
Description: None
Levels:
Automated: no
No rules selected
1.1.4: Ensure nodev option set on /tmp partition
Description: None
Levels:
Automated: no
No rules selected
1.1.5: Ensure nosuid option set on /tmp partition
Description: None
Levels:
Automated: no
No rules selected
1.1.6: Ensure /dev/shm is configured
Description: None
Levels:
Automated: yes
Selections:
1.1.7: Ensure noexec option set on /dev/shm partition
Description: None
Levels:
Automated: yes
Selections:
1.1.8: Ensure nodev option set on /dev/shm partition
Description: None
Levels:
Automated: yes
Selections:
1.1.9: Ensure nosuid option set on /dev/shm partition
Description: None
Levels:
Automated: yes
Selections:
1.1.10: Ensure separate partition exists for /var
Description: None
Levels:
Automated: yes
Selections:
1.1.11: Ensure separate partition exists for /var/tmp
Description: None
Levels:
Automated: no
No rules selected
1.1.12: Ensure noexec option set on /var/tmp partition
Description: None
Levels:
Automated: no
No rules selected
1.1.13: Ensure nodev option set on /var/tmp partition
Description: None
Levels:
Automated: no
No rules selected
1.1.14: Ensure nosuid option set on /var/tmp partition
Description: None
Levels:
Automated: no
No rules selected
1.1.15: Ensure separate partition exists for /var/log
Description: None
Levels:
Automated: no
No rules selected
1.1.16: Ensure separate partition exists for /var/log/audit
Description: None
Levels:
Automated: yes
Selections:
1.1.17: Ensure separate partition exists for /home
Description: None
Levels:
Automated: yes
Selections:
1.1.18: Ensure nodev option set on /home partition
Description: None
Levels:
Automated: yes
Selections:
1.1.19: Ensure noexec option set on removable media partitions (Manual)
Description: None
Levels:
Automated: yes
Selections:
1.1.20: Ensure nodev option set on removable media partitions (Manual)
Description: None
Levels:
Automated: yes
Selections:
1.1.21: Ensure nosuid option set on removable media partitions (Manual)
Description: None
Levels:
Automated: yes
Selections:
1.1.22: Ensure sticky bit is set on all world-writable directories
Description: None
Levels:
Automated: yes
Selections:
1.1.23: Disable Automounting
Description: None
Levels:
Automated: yes
Selections:
1.2.1: Ensure GPG keys are configured (Manual)
Description: None
Levels:
Automated: no
Selections:
1.2.2: Ensure package manager repositories are configured (Manual)
Description: None
Levels:
Automated: no
Selections:
1.2.3: Ensure gpgcheck is globally activated
Description: None
Levels:
Automated: yes
Selections:
1.3.1: Ensure sudo is installed
Description: None
Levels:
Automated: yes
Selections:
1.3.2: Ensure sudo commands use pty
Description: None
Levels:
Automated: yes
Selections:
- sudo_add_use_pty: Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty
1.3.3: Ensure sudo log file exists
Description: None
Levels:
Automated: yes
Selections:
1.4.1: Ensure AIDE is installed
Description: None
Levels:
Automated: yes
Selections:
1.4.2: Ensure filesystem integrity is regularly checked
Description: None
Levels:
Automated: yes
Selections:
1.5.1: Ensure bootloader password is set
Description: None
Levels:
Automated: yes
Selections:
1.5.2: Ensure permissions on bootloader config are configured
Description: None
Levels:
Automated: yes
Selections:
1.5.3: Ensure authentication required for single user mode
Description: None
Levels:
Automated: yes
Selections:
1.6.1: Ensure core dumps are restricted
Description: None
Levels:
Automated: yes
Selections:
1.6.2: Ensure XD/NX support is enabled
Description: None
Levels:
Automated: partially
Selections:
1.6.3: Ensure address space layout randomization (ASLR) is enabled
Description: None
Levels:
Automated: yes
Selections:
1.6.4: Ensure prelink is not installed
Description: None
Levels:
Automated: yes
Selections:
1.7.1.1: Ensure AppArmor is installed
Description: None
Levels:
Automated: yes
Selections:
1.7.1.2: Ensure AppArmor is enabled in the bootloader configuration
Description: None
Levels:
Automated: no
No rules selected
1.7.1.3: Ensure all AppArmor Profiles are in enforce or complain mode
Description: None
Levels:
Automated: no
No rules selected
1.7.1.4: Ensure all AppArmor Profiles are enforcing
Description: None
Levels:
Automated: no
No rules selected
1.8.1.1: Ensure message of the day is configured properly
Description: None
Levels:
Automated: yes
Selections:
1.8.1.2: Ensure local login warning banner is configured properly
Description: None
Levels:
Automated: yes
Selections:
1.8.1.3: Ensure remote login warning banner is configured properly
Description: None
Levels:
Automated: yes
Selections:
1.8.1.4: Ensure permissions on /etc/motd are configured
Description: None
Levels:
Automated: yes
Selections:
1.8.1.5: Ensure permissions on /etc/issue are configured
Description: None
Levels:
Automated: yes
Selections:
1.8.1.6: Ensure permissions on /etc/issue.net are configured
Description: None
Levels:
Automated: yes
Selections:
1.9: Ensure updates, patches, and additional security software are installed (Manual)
Description: None
Levels:
Automated: no
No rules selected
1.1: Ensure GDM login banner is configured
Description: None
Levels:
Automated: yes
Selections:
2.1.1: Ensure xinetd is not installed
Description: None
Levels:
Automated: yes
Selections:
2.2.1.1: Ensure time synchronization is in use
Description: None
Levels:
Automated: yes
Selections:
2.2.1.3: Ensure chrony is configured
Description: None
Levels:
Automated: yes
Selections:
2.2.2: Ensure X11 Server components are not installed
Description: None
Levels:
Automated: yes
Selections:
2.2.3: Ensure Avahi Server is not installed
Description: None
Levels:
Automated: yes
Selections:
2.2.4: Ensure CUPS is not installed
Description: None
Levels:
Automated: yes
Selections:
2.2.5: Ensure DHCP Server is not installed
Description: None
Levels:
Automated: yes
Selections:
2.2.6: Ensure LDAP server is not installed
Description: None
Levels:
Automated: yes
Selections:
2.2.7: Ensure nfs-utils is not installed or the nfs-server service is masked
Description: None
Levels:
Automated: yes
Selections:
2.2.8: Ensure rpcbind is not installed or the rpcbind services are masked
Description: None
Levels:
Automated: no
No rules selected
2.2.9: Ensure DNS Server is not installed
Description: None
Levels:
Automated: yes
Selections:
2.2.10: Ensure FTP Server is not installed
Description: None
Levels:
Automated: yes
Selections:
2.2.11: Ensure HTTP server is not installed
Description: None
Levels:
Automated: partially
Selections:
2.2.12: Ensure IMAP and POP3 server is not installed
Description: None
Levels:
Automated: yes
Selections:
2.2.13: Ensure Samba is not installed
Description: None
Levels:
Automated: yes
Selections:
2.2.14: Ensure HTTP Proxy Server is not installed
Description: None
Levels:
Automated: yes
Selections:
2.2.15: Ensure net-snmp is not installed
Description: None
Levels:
Automated: yes
Selections:
2.2.16: Ensure mail transfer agent is configured for local-only mode
Description: None
Levels:
Automated: yes
Selections:
2.2.18: Ensure NIS server is not installed
Description: None
Levels:
Automated: yes
Selections:
2.2.19: Ensure telnet-server is not installed
Description: None
Levels:
Automated: yes
Selections:
2.3.1: Ensure NIS Client is not installed
Description: None
Levels:
Automated: yes
Selections:
2.3.2: Ensure rsh client is not installed
Description: None
Levels:
Automated: yes
Selections:
2.3.3: Ensure talk client is not installed
Description: None
Levels:
Automated: yes
Selections:
2.3.4: Ensure telnet client is not installed
Description: None
Levels:
Automated: yes
Selections:
2.3.5: Ensure LDAP client is not installed
Description: None
Levels:
Automated: yes
Selections:
2.4: Ensure nonessential services are removed or masked (Manual)
Description: None
Levels:
Automated: no
No rules selected
3.1.1: Disable IPv6
Description: None
Levels:
Automated: yes
Selections:
3.1.2: Ensure wireless interfaces are disabled (Manual)
Description: None
Levels:
Automated: yes
Selections:
3.2.1: Ensure IP forwarding is disabled
Description: None
Levels:
Automated: yes
Selections:
3.2.2: Ensure packet redirect sending is disabled
Description: None
Levels:
Automated: yes
Selections:
3.3.1: Ensure source routed packets are not accepted
Description: None
Levels:
Automated: yes
Selections:
3.3.2: Ensure ICMP redirects are not accepted
Description: None
Levels:
Automated: yes
Selections:
3.3.3: Ensure secure ICMP redirects are not accepted
Description: None
Levels:
Automated: yes
Selections:
3.3.4: Ensure suspicious packets are logged
Description: None
Levels:
Automated: yes
Selections:
3.3.5: Ensure broadcast ICMP requests are ignored
Description: None
Levels:
Automated: yes
Selections:
3.3.6: Ensure bogus ICMP responses are ignored
Description: None
Levels:
Automated: yes
Selections:
3.3.7: Ensure Reverse Path Filtering is enabled
Description: None
Levels:
Automated: yes
Selections:
3.3.8: Ensure TCP SYN Cookies is enabled
Description: None
Levels:
Automated: yes
Selections:
3.3.9: Ensure IPv6 router advertisements are not accepted
Description: None
Levels:
Automated: yes
Selections:
3.4.1: Ensure DCCP is disabled
Description: None
Levels:
Automated: yes
Selections:
3.4.2: Ensure SCTP is disabled
Description: None
Levels:
Automated: yes
Selections:
3.5.1.1: Ensure FirewallD is installed
Description: None
Levels:
Automated: yes
Selections:
3.5.1.2: Ensure nftables is not installed or stopped and masked
Description: None
Levels:
Automated: yes
Selections:
3.5.1.3: Ensure firewalld service is enabled and running
Description: None
Levels:
Automated: yes
Selections:
3.5.1.4: Ensure default zone is set
Description: None
Levels:
Automated: yes
Selections:
3.5.1.5: Ensure network interfaces are assigned to appropriate zone (Manual)
Description: None
Levels:
Automated: no
Selections:
3.5.1.6: Ensure unnecessary services and ports are not accepted (Manual)
Description: None
Levels:
Automated: no
Selections:
3.5.2.1: Ensure nftables is installed
Description: None
Levels:
Automated: yes
Selections:
3.5.2.2: Ensure firewalld is not installed or stopped and masked
Description: None
Levels:
Automated: yes
Selections:
3.5.2.3: Ensure iptables are flushed (Manual)
Description: None
Levels:
Automated: no
Selections:
3.5.2.4: Ensure a table exists
Description: None
Levels:
Automated: yes
Selections:
3.5.2.5: Ensure base chains exist
Description: None
Levels:
Automated: yes
Selections:
3.5.2.6: Ensure loopback traffic is configured
Description: None
Levels:
Automated: no
Selections:
3.5.2.7: Ensure outbound and established connections are configured (Manual)
Description: None
Levels:
Automated: no
Selections:
3.5.2.8: Ensure default deny firewall policy
Description: None
Levels:
Automated: yes
Selections:
3.5.2.9: Ensure nftables service is enabled
Description: None
Levels:
Automated: yes
Selections:
3.5.2.10: Ensure nftables rules are permanent
Description: None
Levels:
Automated: yes
Selections:
3.5.3.1.1: Ensure iptables package is installed
Description: None
Levels:
Automated: yes
Selections:
3.5.3.1.2: Ensure nftables is not installed
Description: None
Levels:
Automated: no
No rules selected
3.5.3.1.3: Ensure firewalld is not installed or stopped and masked
Description: None
Levels:
Automated: yes
Selections:
3.5.3.2.1: Ensure default deny firewall policy
Description: None
Levels:
Automated: partially
Selections:
3.5.3.2.2: Ensure loopback traffic is configured
Description: None
Levels:
Automated: yes
Selections:
3.5.3.2.3: Ensure outbound and established connections are configured (Manual)
Description: None
Levels:
Automated: no
Selections:
3.5.3.2.4: Ensure firewall rules exist for all open ports
Description: None
Levels:
Automated: no
Selections:
3.5.3.3.1: Ensure IPv6 default deny firewall policy
Description: None
Levels:
Automated: partially
Selections:
3.5.3.3.2: Ensure IPv6 loopback traffic is configured
Description: None
Levels:
Automated: yes
Selections:
3.5.3.3.3: Ensure IPv6 outbound and established connections are configured (Manual)
Description: None
Levels:
Automated: no
Selections:
3.5.3.3.4: Ensure IPv6 firewall rules exist for all open ports (Manual)
Description: None
Levels:
Automated: no
No rules selected
4.1.1.1: Ensure auditd is installed
Description: None
Levels:
Automated: yes
Selections:
4.1.1.2: Ensure auditd service is enabled and running
Description: None
Levels:
Automated: yes
Selections:
4.1.1.3: Ensure auditing for processes that start prior to auditd is enabled
Description: None
Levels:
Automated: yes
Selections:
4.1.2.1: Ensure audit log storage size is configured
Description: None
Levels:
Automated: yes
Selections:
4.1.2.2: Ensure audit logs are not automatically deleted
Description: None
Levels:
Automated: yes
Selections:
4.1.2.3: Ensure system is disabled when audit logs are full
Description: None
Levels:
Automated: yes
Selections:
4.1.2.4: Ensure audit_backlog_limit is sufficient
Description: None
Levels:
Automated: yes
Selections:
4.1.3: Ensure events that modify date and time information are collected
Description: None
Levels:
Automated: partially
Selections:
4.1.4: Ensure events that modify user/group information are collected
Description: None
Levels:
Automated: yes
Selections:
4.1.5: Ensure events that modify the system's network environment are collected
Description: None
Levels:
Automated: yes
Selections:
4.1.6: Ensure events that modify the system's Mandatory Access Controls are collected
Description: None
Levels:
Automated: yes
Selections:
4.1.7: Ensure login and logout events are collected
Description: None
Levels:
Automated: yes
Selections:
4.1.8: Ensure session initiation information is collected
Description: None
Levels:
Automated: yes
Selections:
4.1.9: Ensure discretionary access control permission modification events are collected
Description: None
Levels:
Automated: yes
Selections:
4.1.10: Ensure unsuccessful unauthorized file access attempts are collected
Description: None
Levels:
Automated: yes
Selections:
4.1.11: Ensure use of privileged commands is collected
Description: None
Levels:
Automated: no
No rules selected
4.1.12: Ensure successful file system mounts are collected
Description: None
Levels:
Automated: yes
Selections:
4.1.13: Ensure file deletion events by users are collected
Description: None
Levels:
Automated: yes
Selections:
4.1.14: Ensure changes to system administration scope (sudoers) is collected
Description: None
Levels:
Automated: yes
Selections:
4.1.15: Ensure system administrator actions (sudolog) are collected
Description: None
Levels:
Automated: yes
Selections:
4.1.16: Ensure kernel module loading and unloading is collected
Description: None
Levels:
Automated: yes
Selections:
4.1.17: Ensure the audit configuration is immutable
Description: None
Levels:
Automated: yes
Selections:
4.2.1.1: Ensure rsyslog is installed
Description: None
Levels:
Automated: no
No rules selected
4.2.1.2: Ensure rsyslog Service is enabled and running
Description: None
Levels:
Automated: no
No rules selected
4.2.1.3: Ensure rsyslog default file permissions configured
Description: None
Levels:
Automated: yes
Selections:
4.2.1.4: Ensure logging is configured (Manual)
Description: None
Levels:
Automated: no
No rules selected
4.2.1.5: Ensure rsyslog is configured to send logs to a remote log host
Description: None
Levels:
Automated: no
Selections:
4.2.1.6: Ensure remote rsyslog messages are only accepted on designated log hosts. (Manual)
Description: None
Levels:
Automated: no
No rules selected
4.2.2.1: Ensure journald is configured to send logs to rsyslog
Description: None
Levels:
Automated: yes
Selections:
4.2.2.2: Ensure journald is configured to compress large log files
Description: None
Levels:
Automated: yes
Selections:
4.2.2.3: Ensure journald is configured to write logfiles to persistent disk
Description: None
Levels:
Automated: yes
Selections:
- journald_storage: Ensure journald is configured to write log files to persistent disk
4.2.3: Ensure permissions on all logfiles are configured
Description: None
Levels:
Automated: partially
Selections:
4.2.4: Ensure logrotate is configured (Manual)
Description: None
Levels:
Automated: yes
Selections:
5.1.1: Ensure cron daemon is enabled and running
Description: None
Levels:
Automated: no
No rules selected
5.1.2: Ensure permissions on /etc/crontab are configured
Description: None
Levels:
Automated: no
No rules selected
5.1.3: Ensure permissions on /etc/cron.hourly are configured
Description: None
Levels:
Automated: no
No rules selected
5.1.4: Ensure permissions on /etc/cron.daily are configured
Description: None
Levels:
Automated: no
No rules selected
5.1.5: Ensure permissions on /etc/cron.weekly are configured
Description: None
Levels:
Automated: no
No rules selected
5.1.6: Ensure permissions on /etc/cron.monthly are configured
Description: None
Levels:
Automated: no
No rules selected
5.1.7: Ensure permissions on /etc/cron.d are configured
Description: None
Levels:
Automated: no
No rules selected
5.1.8: Ensure cron is restricted to authorized users
Description: None
Levels:
Automated: no
No rules selected
5.1.9: Ensure at is restricted to authorized users
Description: None
Levels:
Automated: yes
Selections:
5.2.1: Ensure permissions on /etc/ssh/sshd_config are configured
Description: None
Levels:
Automated: yes
Selections:
5.2.2: Ensure permissions on SSH private host key files are configured
Description: None
Levels:
Automated: partially
Selections:
5.2.3: Ensure permissions on SSH public host key files are configured
Description: None
Levels:
Automated: partially
Selections:
5.2.4: Ensure SSH access is limited
Description: None
Levels:
Automated: yes
Selections:
5.2.5: Ensure SSH LogLevel is appropriate
Description: None
Levels:
Automated: yes
Selections:
5.2.6: Ensure SSH X11 forwarding is disabled
Description: None
Levels:
Automated: yes
Selections:
5.2.7: Ensure SSH MaxAuthTries is set to 4 or less
Description: None
Levels:
Automated: yes
Selections:
5.2.8: Ensure SSH IgnoreRhosts is enabled
Description: None
Levels:
Automated: yes
Selections:
5.2.9: Ensure SSH HostbasedAuthentication is disabled
Description: None
Levels:
Automated: yes
Selections:
5.2.10: Ensure SSH root login is disabled
Description: None
Levels:
Automated: yes
Selections:
5.2.11: Ensure SSH PermitEmptyPasswords is disabled
Description: None
Levels:
Automated: yes
Selections:
5.2.12: Ensure SSH PermitUserEnvironment is disabled
Description: None
Levels:
Automated: yes
Selections:
5.2.13: Ensure only strong Ciphers are used
Description: None
Levels:
Automated: yes
Selections:
5.2.14: Ensure only strong MAC algorithms are used
Description: None
Levels:
Automated: yes
Selections:
5.2.15: Ensure only strong Key Exchange algorithms are used
Description: None
Levels:
Automated: yes
Selections:
5.2.16: Ensure SSH Idle Timeout Interval is configured
Description: None
Levels:
Automated: yes
Selections:
5.2.17: Ensure SSH LoginGraceTime is set to one minute or less
Description: None
Levels:
Automated: yes
Selections:
5.2.18: Ensure SSH warning banner is configured
Description: None
Levels:
Automated: yes
Selections:
5.2.19: Ensure SSH PAM is enabled
Description: None
Levels:
Automated: yes
Selections:
5.2.20: Ensure SSH AllowTcpForwarding is disabled
Description: None
Levels:
Automated: yes
Selections:
5.2.21: Ensure SSH MaxStartups is configured
Description: None
Levels:
Automated: yes
Selections:
5.2.22: Ensure SSH MaxSessions is limited
Description: None
Levels:
Automated: yes
Selections:
5.3.1: Ensure password creation requirements are configured
Description: None
Levels:
Automated: yes
Selections:
5.3.2: Ensure lockout for failed password attempts is configured
Description: None
Levels:
Automated: yes
Selections:
5.3.3: Ensure password reuse is limited
Description: None
Levels:
Automated: yes
Selections:
5.4.1.1: Ensure password hashing algorithm is SHA-512
Description: None
Levels:
Automated: yes
Selections:
5.4.1.2: Ensure password expiration is 365 days or less
Description: None
Levels:
Automated: yes
Selections:
5.4.1.3: Ensure minimum days between password changes is configured
Description: None
Levels:
Automated: yes
Selections:
5.4.1.4: Ensure password expiration warning days is 7 or more
Description: None
Levels:
Automated: yes
Selections:
5.4.1.5: Ensure inactive password lock is 30 days or less
Description: None
Levels:
Automated: yes
Selections:
5.4.1.6: Ensure all users last password change date is in the past
Description: None
Levels:
Automated: partially
Selections:
5.4.2: Ensure system accounts are secured
Description: None
Levels:
Automated: partially
Selections:
5.4.3: Ensure default group for the root account is GID 0
Description: None
Levels:
Automated: yes
Selections:
5.4.4: Ensure default user shell timeout is configured
Description: None
Levels:
Automated: partially
Selections:
5.4.5: Ensure default user umask is configured
Description: None
Levels:
Automated: partially
Selections:
5.5: Ensure root login is restricted to system console (Manual)
Description: None
Levels:
Automated: yes
Selections:
5.6: Ensure access to the su command is restricted
Description: None
Levels:
Automated: partially
Selections:
6.1.1: Audit system file permissions (Manual)
Description: None
Levels:
Automated: no
No rules selected
6.1.2: Ensure permissions on /etc/passwd are configured
Description: None
Levels:
Automated: yes
Selections:
6.1.3: Ensure permissions on /etc/shadow are configured
Description: None
Levels:
Automated: yes
Selections:
6.1.4: Ensure permissions on /etc/group are configured
Description: None
Levels:
Automated: yes
Selections:
6.1.5: Ensure permissions on /etc/passwd- are configured
Description: None
Levels:
Automated: yes
Selections:
6.1.6: Ensure permissions on /etc/shadow- are configured
Description: None
Levels:
Automated: yes
Selections:
6.1.7: Ensure permissions on /etc/group- are configured
Description: None
Levels:
Automated: yes
Selections:
6.1.8: Ensure no world writable files exist
Description: None
Levels:
Automated: yes
Selections:
6.1.9: Ensure no unowned files or directories exist
Description: None
Levels:
Automated: yes
Selections:
6.1.10: Ensure no ungrouped files or directories exist
Description: None
Levels:
Automated: yes
Selections:
6.1.11: Audit SUID executables (Manual)
Description: None
Levels:
Automated: no
No rules selected
6.1.12: Audit SGID executables (Manual)
Description: None
Levels:
Automated: no
No rules selected
6.2.1: Ensure accounts in /etc/passwd use shadowed passwords
Description: None
Levels:
Automated: yes
Selections:
6.2.2: Ensure /etc/shadow password fields are not empty
Description: None
Levels:
Automated: yes
Selections:
6.2.3: Ensure root is the only UID 0 account
Description: None
Levels:
Automated: yes
Selections:
6.2.4: Ensure root PATH Integrity
Description: None
Levels:
Automated: yes
Selections:
6.2.5: Ensure all users' home directories exist
Description: None
Levels:
Automated: yes
Selections:
6.2.6: Ensure users' home directories permissions are 750 or more restrictive
Description: None
Levels:
Automated: yes
Selections:
6.2.7: Ensure users own their home directories
Description: None
Levels:
Automated: no
No rules selected
6.2.8: Ensure users' dot files are not group or world writable
Description: None
Levels:
Automated: no
No rules selected
6.2.9: Ensure no users have .forward files
Description: None
Levels:
Automated: yes
Selections:
6.2.10: Ensure no users have .netrc files
Description: None
Levels:
Automated: yes
Selections:
6.2.11: Ensure users' .netrc Files are not group or world accessible
Description: None
Levels:
Automated: yes
Selections:
6.2.12: Ensure no users have .rhosts files
Description: None
Levels:
Automated: no
No rules selected
6.2.13: Ensure all groups in /etc/passwd exist in /etc/group
Description: None
Levels:
Automated: yes
Selections:
6.2.14: Ensure no duplicate UIDs exist
Description: None
Levels:
Automated: yes
Selections:
6.2.15: Ensure no duplicate GIDs exist
Description: None
Levels:
Automated: yes
Selections:
6.2.16: Ensure no duplicate user names exist
Description: None
Levels:
Automated: yes
Selections:
6.2.17: Ensure no duplicate group names exist
Description: None
Levels:
Automated: yes
Selections:
6.2.18: Ensure shadow group is empty
Description: None
Levels:
Automated: yes
Selections: