2022-10-05 23:53:13 -04:00
|
|
|
---
|
2022-10-05 23:55:37 -04:00
|
|
|
# defaults file for rhel9_cis
|
2025-10-30 11:44:53 -04:00
|
|
|
var_system_crypto_policy: DEFAULT:NO-SHA1
|
2023-02-06 17:04:34 -05:00
|
|
|
inactivity_timeout_value: '900'
|
|
|
|
|
var_screensaver_lock_delay: '5'
|
2022-10-05 23:55:37 -04:00
|
|
|
var_sudo_logfile: /var/log/sudo.log
|
|
|
|
|
var_sudo_timestamp_timeout: '5'
|
|
|
|
|
var_authselect_profile: sssd
|
2025-10-30 11:53:48 -04:00
|
|
|
cis_banner_text: Authorized users only. All activity may be monitored and reported.
|
|
|
|
|
login_banner_text: ^(Authorized[\s\n]+users[\s\n]+only\.[\s\n]+All[\s\n]+activity[\s\n]+may[\s\n]+be[\s\n]+monitored[\s\n]+and[\s\n]+reported\.|^(?!.*(\\|fedora|rhel|sle|ubuntu)).*)$
|
2025-10-30 11:44:53 -04:00
|
|
|
var_password_pam_remember: '24'
|
2023-05-04 10:45:41 -04:00
|
|
|
var_password_pam_remember_control_flag: requisite,required
|
2025-10-30 11:44:53 -04:00
|
|
|
var_accounts_passwords_pam_faillock_deny: '5'
|
2022-10-05 23:55:37 -04:00
|
|
|
var_accounts_passwords_pam_faillock_unlock_time: '900'
|
2025-10-30 11:44:53 -04:00
|
|
|
var_password_pam_dictcheck: '1'
|
|
|
|
|
var_password_pam_difok: '2'
|
|
|
|
|
var_password_pam_maxrepeat: '3'
|
2022-10-05 23:55:37 -04:00
|
|
|
var_password_pam_minclass: '4'
|
|
|
|
|
var_password_pam_minlen: '14'
|
2025-10-30 11:44:53 -04:00
|
|
|
var_password_hashing_algorithm_pam: sha512
|
2023-05-04 10:45:41 -04:00
|
|
|
var_password_hashing_algorithm: SHA512
|
2025-10-30 11:44:53 -04:00
|
|
|
var_account_disable_post_pw_expiration: '45'
|
2022-10-05 23:55:37 -04:00
|
|
|
var_accounts_maximum_age_login_defs: '365'
|
2023-02-06 17:04:34 -05:00
|
|
|
var_accounts_minimum_age_login_defs: '1'
|
2022-10-05 23:55:37 -04:00
|
|
|
var_accounts_password_warn_age_login_defs: '7'
|
2024-02-07 20:48:37 -05:00
|
|
|
var_pam_wheel_group_for_su: sugroup
|
2022-10-05 23:55:37 -04:00
|
|
|
var_accounts_tmout: '900'
|
2025-10-30 11:44:53 -04:00
|
|
|
var_user_initialization_files_regex: ^\.[\w\- ]+$
|
2022-10-05 23:55:37 -04:00
|
|
|
var_accounts_user_umask: '027'
|
|
|
|
|
sysctl_net_ipv6_conf_all_accept_ra_value: '0'
|
|
|
|
|
sysctl_net_ipv6_conf_all_accept_redirects_value: '0'
|
|
|
|
|
sysctl_net_ipv6_conf_all_accept_source_route_value: '0'
|
|
|
|
|
sysctl_net_ipv6_conf_all_forwarding_value: '0'
|
|
|
|
|
sysctl_net_ipv6_conf_default_accept_ra_value: '0'
|
|
|
|
|
sysctl_net_ipv6_conf_default_accept_redirects_value: '0'
|
|
|
|
|
sysctl_net_ipv6_conf_default_accept_source_route_value: '0'
|
|
|
|
|
sysctl_net_ipv4_conf_all_accept_redirects_value: '0'
|
|
|
|
|
sysctl_net_ipv4_conf_all_accept_source_route_value: '0'
|
|
|
|
|
sysctl_net_ipv4_conf_all_log_martians_value: '1'
|
|
|
|
|
sysctl_net_ipv4_conf_all_rp_filter_value: '1'
|
|
|
|
|
sysctl_net_ipv4_conf_all_secure_redirects_value: '0'
|
|
|
|
|
sysctl_net_ipv4_conf_default_accept_redirects_value: '0'
|
|
|
|
|
sysctl_net_ipv4_conf_default_accept_source_route_value: '0'
|
|
|
|
|
sysctl_net_ipv4_conf_default_log_martians_value: '1'
|
|
|
|
|
sysctl_net_ipv4_conf_default_rp_filter_value: '1'
|
|
|
|
|
sysctl_net_ipv4_conf_default_secure_redirects_value: '0'
|
|
|
|
|
sysctl_net_ipv4_icmp_echo_ignore_broadcasts_value: '1'
|
|
|
|
|
sysctl_net_ipv4_icmp_ignore_bogus_error_responses_value: '1'
|
|
|
|
|
sysctl_net_ipv4_tcp_syncookies_value: '1'
|
|
|
|
|
var_selinux_policy_name: targeted
|
|
|
|
|
var_selinux_state: enforcing
|
|
|
|
|
var_postfix_inet_interfaces: loopback-only
|
|
|
|
|
var_multiple_time_servers: 0.rhel.pool.ntp.org,1.rhel.pool.ntp.org,2.rhel.pool.ntp.org,3.rhel.pool.ntp.org
|
2025-10-29 21:10:43 -04:00
|
|
|
var_sshd_set_keepalive: '1'
|
2025-10-30 11:44:53 -04:00
|
|
|
sshd_idle_timeout_value: '300'
|
2022-10-05 23:55:37 -04:00
|
|
|
var_sshd_set_login_grace_time: '60'
|
|
|
|
|
sshd_max_auth_tries_value: '4'
|
|
|
|
|
var_sshd_max_sessions: '10'
|
|
|
|
|
var_sshd_set_maxstartups: 10:30:60
|
2025-10-30 11:44:53 -04:00
|
|
|
sshd_strong_kex: -diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1
|
|
|
|
|
sshd_strong_macs: -hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-sha1-96,umac-64@openssh.com,hmac-md5-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,umac-64-etm@openssh.com
|
2025-10-29 21:10:43 -04:00
|
|
|
var_accounts_passwords_pam_faillock_dir: /var/run/faillock
|
2025-10-30 11:44:53 -04:00
|
|
|
var_auditd_disk_error_action: syslog|single|halt
|
|
|
|
|
var_auditd_disk_full_action: halt|single
|
2025-10-29 21:10:43 -04:00
|
|
|
var_auditd_action_mail_acct: root
|
2025-10-30 11:44:53 -04:00
|
|
|
var_auditd_admin_space_left_action: single|halt
|
2025-10-29 21:10:43 -04:00
|
|
|
var_auditd_max_log_file: '6'
|
|
|
|
|
var_auditd_max_log_file_action: keep_logs
|
2025-10-30 11:44:53 -04:00
|
|
|
var_auditd_space_left_action: email|exec|single|halt
|
2025-10-30 11:59:20 -04:00
|
|
|
DISA_STIG_RHEL_09_171011: true
|
2025-10-30 11:44:53 -04:00
|
|
|
DISA_STIG_RHEL_09_211030: true
|
2024-02-07 20:48:44 -05:00
|
|
|
DISA_STIG_RHEL_09_211040: true
|
|
|
|
|
DISA_STIG_RHEL_09_212025: true
|
|
|
|
|
DISA_STIG_RHEL_09_212030: true
|
|
|
|
|
DISA_STIG_RHEL_09_212055: true
|
2025-10-30 11:44:53 -04:00
|
|
|
DISA_STIG_RHEL_09_213060: true
|
2024-02-07 20:48:44 -05:00
|
|
|
DISA_STIG_RHEL_09_213065: true
|
|
|
|
|
DISA_STIG_RHEL_09_213070: true
|
2025-10-30 11:44:53 -04:00
|
|
|
DISA_STIG_RHEL_09_213080: true
|
2024-02-07 20:48:44 -05:00
|
|
|
DISA_STIG_RHEL_09_213085: true
|
|
|
|
|
DISA_STIG_RHEL_09_213090: true
|
|
|
|
|
DISA_STIG_RHEL_09_214015: true
|
|
|
|
|
DISA_STIG_RHEL_09_215015: true
|
2025-10-30 11:44:53 -04:00
|
|
|
DISA_STIG_RHEL_09_215030: true
|
2024-02-07 20:48:44 -05:00
|
|
|
DISA_STIG_RHEL_09_215040: true
|
|
|
|
|
DISA_STIG_RHEL_09_215060: true
|
2025-10-30 11:59:20 -04:00
|
|
|
DISA_STIG_RHEL_09_215105: true
|
2025-10-30 11:44:53 -04:00
|
|
|
DISA_STIG_RHEL_09_231040: true
|
2024-02-07 20:48:44 -05:00
|
|
|
DISA_STIG_RHEL_09_231045: true
|
|
|
|
|
DISA_STIG_RHEL_09_231050: true
|
|
|
|
|
DISA_STIG_RHEL_09_231110: true
|
|
|
|
|
DISA_STIG_RHEL_09_231115: true
|
|
|
|
|
DISA_STIG_RHEL_09_231120: true
|
|
|
|
|
DISA_STIG_RHEL_09_231125: true
|
|
|
|
|
DISA_STIG_RHEL_09_231130: true
|
|
|
|
|
DISA_STIG_RHEL_09_231135: true
|
|
|
|
|
DISA_STIG_RHEL_09_231140: true
|
|
|
|
|
DISA_STIG_RHEL_09_231145: true
|
|
|
|
|
DISA_STIG_RHEL_09_231150: true
|
|
|
|
|
DISA_STIG_RHEL_09_231155: true
|
|
|
|
|
DISA_STIG_RHEL_09_231160: true
|
|
|
|
|
DISA_STIG_RHEL_09_231165: true
|
|
|
|
|
DISA_STIG_RHEL_09_231170: true
|
|
|
|
|
DISA_STIG_RHEL_09_231175: true
|
|
|
|
|
DISA_STIG_RHEL_09_231180: true
|
|
|
|
|
DISA_STIG_RHEL_09_231185: true
|
2025-10-30 11:44:53 -04:00
|
|
|
DISA_STIG_RHEL_09_231195: true
|
2024-02-07 20:48:44 -05:00
|
|
|
DISA_STIG_RHEL_09_232040: true
|
|
|
|
|
DISA_STIG_RHEL_09_232050: true
|
|
|
|
|
DISA_STIG_RHEL_09_232055: true
|
|
|
|
|
DISA_STIG_RHEL_09_232060: true
|
|
|
|
|
DISA_STIG_RHEL_09_232065: true
|
|
|
|
|
DISA_STIG_RHEL_09_232070: true
|
|
|
|
|
DISA_STIG_RHEL_09_232075: true
|
|
|
|
|
DISA_STIG_RHEL_09_232080: true
|
|
|
|
|
DISA_STIG_RHEL_09_232085: true
|
|
|
|
|
DISA_STIG_RHEL_09_232090: true
|
|
|
|
|
DISA_STIG_RHEL_09_232095: true
|
|
|
|
|
DISA_STIG_RHEL_09_232100: true
|
2025-10-30 11:59:20 -04:00
|
|
|
DISA_STIG_RHEL_09_232103: true
|
|
|
|
|
DISA_STIG_RHEL_09_232104: true
|
2024-02-07 20:48:44 -05:00
|
|
|
DISA_STIG_RHEL_09_232105: true
|
|
|
|
|
DISA_STIG_RHEL_09_232110: true
|
|
|
|
|
DISA_STIG_RHEL_09_232115: true
|
|
|
|
|
DISA_STIG_RHEL_09_232120: true
|
|
|
|
|
DISA_STIG_RHEL_09_232125: true
|
|
|
|
|
DISA_STIG_RHEL_09_232130: true
|
|
|
|
|
DISA_STIG_RHEL_09_232135: true
|
|
|
|
|
DISA_STIG_RHEL_09_232140: true
|
|
|
|
|
DISA_STIG_RHEL_09_232145: true
|
|
|
|
|
DISA_STIG_RHEL_09_232150: true
|
|
|
|
|
DISA_STIG_RHEL_09_232155: true
|
|
|
|
|
DISA_STIG_RHEL_09_232160: true
|
|
|
|
|
DISA_STIG_RHEL_09_232165: true
|
|
|
|
|
DISA_STIG_RHEL_09_232230: true
|
|
|
|
|
DISA_STIG_RHEL_09_232235: true
|
|
|
|
|
DISA_STIG_RHEL_09_232245: true
|
|
|
|
|
DISA_STIG_RHEL_09_232265: true
|
|
|
|
|
DISA_STIG_RHEL_09_232270: true
|
2024-02-22 19:00:04 -05:00
|
|
|
DISA_STIG_RHEL_09_251010: true
|
2024-02-07 20:48:44 -05:00
|
|
|
DISA_STIG_RHEL_09_251015: true
|
2025-10-30 11:53:48 -04:00
|
|
|
DISA_STIG_RHEL_09_252010: true
|
2025-10-29 21:10:43 -04:00
|
|
|
DISA_STIG_RHEL_09_252020: true
|
2024-02-07 20:48:44 -05:00
|
|
|
DISA_STIG_RHEL_09_253010: true
|
|
|
|
|
DISA_STIG_RHEL_09_253015: true
|
|
|
|
|
DISA_STIG_RHEL_09_253020: true
|
|
|
|
|
DISA_STIG_RHEL_09_253025: true
|
|
|
|
|
DISA_STIG_RHEL_09_253030: true
|
|
|
|
|
DISA_STIG_RHEL_09_253035: true
|
|
|
|
|
DISA_STIG_RHEL_09_253040: true
|
|
|
|
|
DISA_STIG_RHEL_09_253045: true
|
|
|
|
|
DISA_STIG_RHEL_09_253050: true
|
|
|
|
|
DISA_STIG_RHEL_09_253055: true
|
|
|
|
|
DISA_STIG_RHEL_09_253060: true
|
|
|
|
|
DISA_STIG_RHEL_09_253065: true
|
|
|
|
|
DISA_STIG_RHEL_09_253070: true
|
|
|
|
|
DISA_STIG_RHEL_09_254010: true
|
|
|
|
|
DISA_STIG_RHEL_09_254015: true
|
|
|
|
|
DISA_STIG_RHEL_09_254020: true
|
|
|
|
|
DISA_STIG_RHEL_09_254025: true
|
|
|
|
|
DISA_STIG_RHEL_09_254030: true
|
|
|
|
|
DISA_STIG_RHEL_09_254035: true
|
|
|
|
|
DISA_STIG_RHEL_09_254040: true
|
|
|
|
|
DISA_STIG_RHEL_09_255030: true
|
|
|
|
|
DISA_STIG_RHEL_09_255040: true
|
|
|
|
|
DISA_STIG_RHEL_09_255045: true
|
|
|
|
|
DISA_STIG_RHEL_09_255050: true
|
2025-10-30 11:59:20 -04:00
|
|
|
DISA_STIG_RHEL_09_255070: true
|
|
|
|
|
DISA_STIG_RHEL_09_255075: true
|
2024-02-07 20:48:44 -05:00
|
|
|
DISA_STIG_RHEL_09_255080: true
|
|
|
|
|
DISA_STIG_RHEL_09_255085: true
|
|
|
|
|
DISA_STIG_RHEL_09_255095: true
|
|
|
|
|
DISA_STIG_RHEL_09_255100: true
|
|
|
|
|
DISA_STIG_RHEL_09_255105: true
|
|
|
|
|
DISA_STIG_RHEL_09_255110: true
|
|
|
|
|
DISA_STIG_RHEL_09_255115: true
|
|
|
|
|
DISA_STIG_RHEL_09_255120: true
|
|
|
|
|
DISA_STIG_RHEL_09_255125: true
|
2025-10-30 11:44:53 -04:00
|
|
|
DISA_STIG_RHEL_09_255135: true
|
2024-02-07 20:48:44 -05:00
|
|
|
DISA_STIG_RHEL_09_255145: true
|
|
|
|
|
DISA_STIG_RHEL_09_271010: true
|
|
|
|
|
DISA_STIG_RHEL_09_271015: true
|
|
|
|
|
DISA_STIG_RHEL_09_271020: true
|
|
|
|
|
DISA_STIG_RHEL_09_271025: true
|
|
|
|
|
DISA_STIG_RHEL_09_271030: true
|
|
|
|
|
DISA_STIG_RHEL_09_271035: true
|
|
|
|
|
DISA_STIG_RHEL_09_271065: true
|
|
|
|
|
DISA_STIG_RHEL_09_271070: true
|
|
|
|
|
DISA_STIG_RHEL_09_271075: true
|
|
|
|
|
DISA_STIG_RHEL_09_271080: true
|
|
|
|
|
DISA_STIG_RHEL_09_271090: true
|
|
|
|
|
DISA_STIG_RHEL_09_271115: true
|
|
|
|
|
DISA_STIG_RHEL_09_291010: true
|
|
|
|
|
DISA_STIG_RHEL_09_291040: true
|
|
|
|
|
DISA_STIG_RHEL_09_411010: true
|
|
|
|
|
DISA_STIG_RHEL_09_411015: true
|
|
|
|
|
DISA_STIG_RHEL_09_411035: true
|
|
|
|
|
DISA_STIG_RHEL_09_411050: true
|
|
|
|
|
DISA_STIG_RHEL_09_411065: true
|
|
|
|
|
DISA_STIG_RHEL_09_411075: true
|
2025-10-30 11:44:53 -04:00
|
|
|
DISA_STIG_RHEL_09_411080: true
|
2024-02-07 20:48:44 -05:00
|
|
|
DISA_STIG_RHEL_09_411090: true
|
|
|
|
|
DISA_STIG_RHEL_09_411100: true
|
2025-10-30 11:44:53 -04:00
|
|
|
DISA_STIG_RHEL_09_411115: true
|
2024-02-07 20:48:44 -05:00
|
|
|
DISA_STIG_RHEL_09_412035: true
|
|
|
|
|
DISA_STIG_RHEL_09_412055: true
|
|
|
|
|
DISA_STIG_RHEL_09_412065: true
|
|
|
|
|
DISA_STIG_RHEL_09_412070: true
|
|
|
|
|
DISA_STIG_RHEL_09_431010: true
|
|
|
|
|
DISA_STIG_RHEL_09_431015: true
|
|
|
|
|
DISA_STIG_RHEL_09_432010: true
|
|
|
|
|
DISA_STIG_RHEL_09_432015: true
|
|
|
|
|
DISA_STIG_RHEL_09_611025: true
|
2025-10-29 21:10:43 -04:00
|
|
|
DISA_STIG_RHEL_09_611030: true
|
|
|
|
|
DISA_STIG_RHEL_09_611035: true
|
2025-10-30 11:44:53 -04:00
|
|
|
DISA_STIG_RHEL_09_611060: true
|
2024-02-07 20:48:44 -05:00
|
|
|
DISA_STIG_RHEL_09_611075: true
|
|
|
|
|
DISA_STIG_RHEL_09_611080: true
|
|
|
|
|
DISA_STIG_RHEL_09_611090: true
|
2025-10-30 11:44:53 -04:00
|
|
|
DISA_STIG_RHEL_09_611105: true
|
|
|
|
|
DISA_STIG_RHEL_09_611115: true
|
|
|
|
|
DISA_STIG_RHEL_09_611125: true
|
2024-02-07 20:48:44 -05:00
|
|
|
DISA_STIG_RHEL_09_611130: true
|
2025-10-30 11:44:53 -04:00
|
|
|
DISA_STIG_RHEL_09_611135: true
|
2024-02-07 20:48:44 -05:00
|
|
|
DISA_STIG_RHEL_09_611140: true
|
|
|
|
|
DISA_STIG_RHEL_09_611155: true
|
|
|
|
|
DISA_STIG_RHEL_09_651010: true
|
|
|
|
|
DISA_STIG_RHEL_09_651015: true
|
|
|
|
|
DISA_STIG_RHEL_09_651025: true
|
|
|
|
|
DISA_STIG_RHEL_09_653010: true
|
|
|
|
|
DISA_STIG_RHEL_09_653015: true
|
|
|
|
|
DISA_STIG_RHEL_09_653040: true
|
|
|
|
|
DISA_STIG_RHEL_09_653050: true
|
|
|
|
|
DISA_STIG_RHEL_09_653070: true
|
|
|
|
|
DISA_STIG_RHEL_09_653090: true
|
2025-10-30 11:59:20 -04:00
|
|
|
DISA_STIG_RHEL_09_653110: true
|
2024-02-07 20:48:44 -05:00
|
|
|
DISA_STIG_RHEL_09_653120: true
|
|
|
|
|
DISA_STIG_RHEL_09_654015: true
|
|
|
|
|
DISA_STIG_RHEL_09_654020: true
|
|
|
|
|
DISA_STIG_RHEL_09_654025: true
|
|
|
|
|
DISA_STIG_RHEL_09_654035: true
|
|
|
|
|
DISA_STIG_RHEL_09_654040: true
|
|
|
|
|
DISA_STIG_RHEL_09_654045: true
|
|
|
|
|
DISA_STIG_RHEL_09_654065: true
|
|
|
|
|
DISA_STIG_RHEL_09_654070: true
|
|
|
|
|
DISA_STIG_RHEL_09_654075: true
|
|
|
|
|
DISA_STIG_RHEL_09_654080: true
|
|
|
|
|
DISA_STIG_RHEL_09_654105: true
|
|
|
|
|
DISA_STIG_RHEL_09_654175: true
|
|
|
|
|
DISA_STIG_RHEL_09_654225: true
|
|
|
|
|
DISA_STIG_RHEL_09_654230: true
|
|
|
|
|
DISA_STIG_RHEL_09_654235: true
|
|
|
|
|
DISA_STIG_RHEL_09_654240: true
|
|
|
|
|
DISA_STIG_RHEL_09_654245: true
|
|
|
|
|
DISA_STIG_RHEL_09_654250: true
|
|
|
|
|
DISA_STIG_RHEL_09_654255: true
|
|
|
|
|
DISA_STIG_RHEL_09_654275: true
|
|
|
|
|
DISA_STIG_RHEL_09_671010: true
|
|
|
|
|
DISA_STIG_RHEL_09_671025: true
|
|
|
|
|
DISA_STIG_RHEL_09_672030: true
|
2025-10-29 21:10:43 -04:00
|
|
|
DISA_STIG_needed_rules: true
|
2022-10-05 23:55:37 -04:00
|
|
|
account_disable_post_pw_expiration: true
|
2025-10-29 21:10:43 -04:00
|
|
|
account_password_pam_faillock_password_auth: true
|
|
|
|
|
account_password_pam_faillock_system_auth: true
|
2022-10-05 23:55:37 -04:00
|
|
|
accounts_maximum_age_login_defs: true
|
|
|
|
|
accounts_minimum_age_login_defs: true
|
2023-08-07 18:02:00 -04:00
|
|
|
accounts_no_uid_except_zero: true
|
2025-10-30 11:44:53 -04:00
|
|
|
accounts_password_pam_dictcheck: true
|
|
|
|
|
accounts_password_pam_difok: true
|
|
|
|
|
accounts_password_pam_enforce_root: true
|
|
|
|
|
accounts_password_pam_maxrepeat: true
|
2022-10-05 23:55:37 -04:00
|
|
|
accounts_password_pam_minclass: true
|
|
|
|
|
accounts_password_pam_minlen: true
|
|
|
|
|
accounts_password_pam_pwhistory_remember_password_auth: true
|
|
|
|
|
accounts_password_pam_pwhistory_remember_system_auth: true
|
|
|
|
|
accounts_password_set_max_life_existing: true
|
2023-08-07 18:02:00 -04:00
|
|
|
accounts_password_set_min_life_existing: true
|
2023-05-04 10:45:41 -04:00
|
|
|
accounts_password_set_warn_age_existing: true
|
2022-10-05 23:55:37 -04:00
|
|
|
accounts_password_warn_age_login_defs: true
|
|
|
|
|
accounts_passwords_pam_faillock_deny: true
|
2025-10-30 11:44:53 -04:00
|
|
|
accounts_passwords_pam_faillock_deny_root: true
|
2022-10-05 23:55:37 -04:00
|
|
|
accounts_passwords_pam_faillock_unlock_time: true
|
|
|
|
|
accounts_root_path_dirs_no_write: true
|
2023-05-04 10:45:41 -04:00
|
|
|
accounts_set_post_pw_existing: true
|
2022-10-05 23:55:37 -04:00
|
|
|
accounts_tmout: true
|
|
|
|
|
accounts_umask_etc_bashrc: true
|
|
|
|
|
accounts_umask_etc_login_defs: true
|
|
|
|
|
accounts_umask_etc_profile: true
|
2025-10-30 11:44:53 -04:00
|
|
|
accounts_user_dot_group_ownership: true
|
|
|
|
|
accounts_user_dot_no_world_writable_programs: true
|
|
|
|
|
accounts_user_dot_user_ownership: true
|
2022-10-05 23:55:37 -04:00
|
|
|
accounts_user_interactive_home_directory_exists: true
|
|
|
|
|
aide_build_database: true
|
2023-07-24 20:40:09 -04:00
|
|
|
aide_check_audit_tools: true
|
2022-10-05 23:55:37 -04:00
|
|
|
aide_periodic_cron_checking: true
|
|
|
|
|
audit_rules_dac_modification_chmod: true
|
|
|
|
|
audit_rules_dac_modification_chown: true
|
|
|
|
|
audit_rules_dac_modification_fchmod: true
|
|
|
|
|
audit_rules_dac_modification_fchmodat: true
|
|
|
|
|
audit_rules_dac_modification_fchown: true
|
|
|
|
|
audit_rules_dac_modification_fchownat: true
|
|
|
|
|
audit_rules_dac_modification_fremovexattr: true
|
|
|
|
|
audit_rules_dac_modification_fsetxattr: true
|
|
|
|
|
audit_rules_dac_modification_lchown: true
|
|
|
|
|
audit_rules_dac_modification_lremovexattr: true
|
|
|
|
|
audit_rules_dac_modification_lsetxattr: true
|
|
|
|
|
audit_rules_dac_modification_removexattr: true
|
|
|
|
|
audit_rules_dac_modification_setxattr: true
|
2023-02-06 17:04:34 -05:00
|
|
|
audit_rules_execution_chacl: true
|
|
|
|
|
audit_rules_execution_chcon: true
|
|
|
|
|
audit_rules_execution_setfacl: true
|
2022-10-05 23:55:37 -04:00
|
|
|
audit_rules_file_deletion_events_rename: true
|
|
|
|
|
audit_rules_file_deletion_events_renameat: true
|
|
|
|
|
audit_rules_file_deletion_events_unlink: true
|
|
|
|
|
audit_rules_file_deletion_events_unlinkat: true
|
|
|
|
|
audit_rules_immutable: true
|
2023-07-24 20:40:09 -04:00
|
|
|
audit_rules_kernel_module_loading_create: true
|
2022-10-05 23:55:37 -04:00
|
|
|
audit_rules_kernel_module_loading_delete: true
|
2023-07-24 20:40:09 -04:00
|
|
|
audit_rules_kernel_module_loading_finit: true
|
2022-10-05 23:55:37 -04:00
|
|
|
audit_rules_kernel_module_loading_init: true
|
2023-07-24 20:40:09 -04:00
|
|
|
audit_rules_kernel_module_loading_query: true
|
2022-10-05 23:55:37 -04:00
|
|
|
audit_rules_login_events_faillock: true
|
|
|
|
|
audit_rules_login_events_lastlog: true
|
|
|
|
|
audit_rules_mac_modification: true
|
2023-05-04 10:45:41 -04:00
|
|
|
audit_rules_mac_modification_usr_share: true
|
2022-10-05 23:55:37 -04:00
|
|
|
audit_rules_media_export: true
|
|
|
|
|
audit_rules_networkconfig_modification: true
|
2025-10-29 21:10:43 -04:00
|
|
|
audit_rules_networkconfig_modification_network_scripts: true
|
2023-07-24 20:40:09 -04:00
|
|
|
audit_rules_privileged_commands: true
|
|
|
|
|
audit_rules_privileged_commands_kmod: true
|
2023-02-06 17:04:34 -05:00
|
|
|
audit_rules_privileged_commands_usermod: true
|
2022-10-05 23:55:37 -04:00
|
|
|
audit_rules_session_events: true
|
2023-08-07 18:02:00 -04:00
|
|
|
audit_rules_suid_auid_privilege_function: true
|
2022-10-05 23:55:37 -04:00
|
|
|
audit_rules_sysadmin_actions: true
|
|
|
|
|
audit_rules_time_adjtimex: true
|
|
|
|
|
audit_rules_time_clock_settime: true
|
2023-02-06 17:04:34 -05:00
|
|
|
audit_rules_time_settimeofday: true
|
2022-10-05 23:55:37 -04:00
|
|
|
audit_rules_time_watch_localtime: true
|
|
|
|
|
audit_rules_unsuccessful_file_modification_creat: true
|
|
|
|
|
audit_rules_unsuccessful_file_modification_ftruncate: true
|
|
|
|
|
audit_rules_unsuccessful_file_modification_open: true
|
|
|
|
|
audit_rules_unsuccessful_file_modification_openat: true
|
|
|
|
|
audit_rules_unsuccessful_file_modification_truncate: true
|
|
|
|
|
audit_rules_usergroup_modification_group: true
|
|
|
|
|
audit_rules_usergroup_modification_gshadow: true
|
|
|
|
|
audit_rules_usergroup_modification_opasswd: true
|
|
|
|
|
audit_rules_usergroup_modification_passwd: true
|
|
|
|
|
audit_rules_usergroup_modification_shadow: true
|
2023-02-06 17:04:34 -05:00
|
|
|
audit_sudo_log_events: true
|
2025-10-30 11:44:53 -04:00
|
|
|
auditd_data_disk_error_action: true
|
|
|
|
|
auditd_data_disk_full_action: true
|
2022-10-05 23:55:37 -04:00
|
|
|
auditd_data_retention_action_mail_acct: true
|
|
|
|
|
auditd_data_retention_admin_space_left_action: true
|
|
|
|
|
auditd_data_retention_max_log_file: true
|
|
|
|
|
auditd_data_retention_max_log_file_action: true
|
|
|
|
|
auditd_data_retention_space_left_action: true
|
2025-10-30 11:53:48 -04:00
|
|
|
banner_etc_issue_cis: true
|
|
|
|
|
banner_etc_issue_net_cis: true
|
|
|
|
|
banner_etc_motd_cis: true
|
2025-10-30 11:44:53 -04:00
|
|
|
chronyd_run_as_chrony_user: true
|
2022-10-05 23:55:37 -04:00
|
|
|
chronyd_specify_remote_server: true
|
|
|
|
|
configure_crypto_policy: true
|
|
|
|
|
configure_ssh_crypto_policy: true
|
|
|
|
|
configure_strategy: true
|
|
|
|
|
coredump_disable_backtraces: true
|
|
|
|
|
coredump_disable_storage: true
|
2023-08-07 18:02:00 -04:00
|
|
|
dconf_db_up_to_date: true
|
2022-10-05 23:55:37 -04:00
|
|
|
dconf_gnome_banner_enabled: true
|
2022-12-20 20:27:02 -05:00
|
|
|
dconf_gnome_disable_automount: true
|
|
|
|
|
dconf_gnome_disable_automount_open: true
|
2023-02-06 17:04:34 -05:00
|
|
|
dconf_gnome_disable_autorun: true
|
2022-12-20 20:27:02 -05:00
|
|
|
dconf_gnome_disable_user_list: true
|
2022-10-05 23:55:37 -04:00
|
|
|
dconf_gnome_login_banner_text: true
|
2023-02-06 17:04:34 -05:00
|
|
|
dconf_gnome_screensaver_idle_delay: true
|
|
|
|
|
dconf_gnome_screensaver_lock_delay: true
|
|
|
|
|
dconf_gnome_screensaver_user_locks: true
|
|
|
|
|
dconf_gnome_session_idle_user_locks: true
|
2022-10-05 23:55:37 -04:00
|
|
|
dir_perms_world_writable_sticky_bits: true
|
|
|
|
|
disable_host_auth: true
|
|
|
|
|
disable_strategy: true
|
|
|
|
|
enable_authselect: true
|
|
|
|
|
enable_strategy: true
|
|
|
|
|
ensure_gpgcheck_globally_activated: true
|
2024-02-07 20:48:37 -05:00
|
|
|
ensure_pam_wheel_group_empty: true
|
2022-10-05 23:55:37 -04:00
|
|
|
file_at_deny_not_exist: true
|
2024-02-22 19:00:04 -05:00
|
|
|
file_cron_allow_exists: true
|
2022-10-05 23:55:37 -04:00
|
|
|
file_cron_deny_not_exist: true
|
|
|
|
|
file_groupowner_at_allow: true
|
|
|
|
|
file_groupowner_backup_etc_group: true
|
|
|
|
|
file_groupowner_backup_etc_gshadow: true
|
|
|
|
|
file_groupowner_backup_etc_passwd: true
|
|
|
|
|
file_groupowner_backup_etc_shadow: true
|
|
|
|
|
file_groupowner_cron_allow: true
|
|
|
|
|
file_groupowner_cron_d: true
|
|
|
|
|
file_groupowner_cron_daily: true
|
|
|
|
|
file_groupowner_cron_hourly: true
|
|
|
|
|
file_groupowner_cron_monthly: true
|
|
|
|
|
file_groupowner_cron_weekly: true
|
|
|
|
|
file_groupowner_crontab: true
|
|
|
|
|
file_groupowner_etc_group: true
|
|
|
|
|
file_groupowner_etc_gshadow: true
|
2023-02-06 17:04:34 -05:00
|
|
|
file_groupowner_etc_issue: true
|
2022-12-20 20:27:02 -05:00
|
|
|
file_groupowner_etc_issue_net: true
|
2023-02-06 17:04:34 -05:00
|
|
|
file_groupowner_etc_motd: true
|
2022-10-05 23:55:37 -04:00
|
|
|
file_groupowner_etc_passwd: true
|
|
|
|
|
file_groupowner_etc_shadow: true
|
2025-10-30 11:44:53 -04:00
|
|
|
file_groupowner_etc_shells: true
|
2022-10-05 23:55:37 -04:00
|
|
|
file_groupowner_grub2_cfg: true
|
|
|
|
|
file_groupowner_sshd_config: true
|
2022-12-20 20:27:02 -05:00
|
|
|
file_groupowner_user_cfg: true
|
2023-02-06 17:04:34 -05:00
|
|
|
file_groupownership_audit_binaries: true
|
|
|
|
|
file_groupownership_audit_configuration: true
|
2023-08-07 18:02:00 -04:00
|
|
|
file_groupownership_sshd_private_key: true
|
|
|
|
|
file_groupownership_sshd_pub_key: true
|
2022-10-05 23:55:37 -04:00
|
|
|
file_owner_backup_etc_group: true
|
|
|
|
|
file_owner_backup_etc_gshadow: true
|
|
|
|
|
file_owner_backup_etc_passwd: true
|
|
|
|
|
file_owner_backup_etc_shadow: true
|
|
|
|
|
file_owner_cron_allow: true
|
|
|
|
|
file_owner_cron_d: true
|
|
|
|
|
file_owner_cron_daily: true
|
|
|
|
|
file_owner_cron_hourly: true
|
|
|
|
|
file_owner_cron_monthly: true
|
|
|
|
|
file_owner_cron_weekly: true
|
|
|
|
|
file_owner_crontab: true
|
|
|
|
|
file_owner_etc_group: true
|
|
|
|
|
file_owner_etc_gshadow: true
|
2023-02-06 17:04:34 -05:00
|
|
|
file_owner_etc_issue: true
|
2022-12-20 20:27:02 -05:00
|
|
|
file_owner_etc_issue_net: true
|
2023-02-06 17:04:34 -05:00
|
|
|
file_owner_etc_motd: true
|
2022-10-05 23:55:37 -04:00
|
|
|
file_owner_etc_passwd: true
|
|
|
|
|
file_owner_etc_shadow: true
|
2025-10-30 11:44:53 -04:00
|
|
|
file_owner_etc_shells: true
|
2022-10-05 23:55:37 -04:00
|
|
|
file_owner_grub2_cfg: true
|
|
|
|
|
file_owner_sshd_config: true
|
2022-12-20 20:27:02 -05:00
|
|
|
file_owner_user_cfg: true
|
2023-02-06 17:04:34 -05:00
|
|
|
file_ownership_audit_binaries: true
|
|
|
|
|
file_ownership_audit_configuration: true
|
2023-07-24 20:40:09 -04:00
|
|
|
file_ownership_sshd_private_key: true
|
|
|
|
|
file_ownership_sshd_pub_key: true
|
2025-10-30 11:44:53 -04:00
|
|
|
file_permission_user_init_files: true
|
2022-10-05 23:55:37 -04:00
|
|
|
file_permissions_at_allow: true
|
2023-02-06 17:04:34 -05:00
|
|
|
file_permissions_audit_binaries: true
|
2023-07-24 20:40:09 -04:00
|
|
|
file_permissions_audit_configuration: true
|
2022-10-05 23:55:37 -04:00
|
|
|
file_permissions_backup_etc_group: true
|
|
|
|
|
file_permissions_backup_etc_gshadow: true
|
|
|
|
|
file_permissions_backup_etc_passwd: true
|
|
|
|
|
file_permissions_backup_etc_shadow: true
|
|
|
|
|
file_permissions_cron_allow: true
|
|
|
|
|
file_permissions_cron_d: true
|
|
|
|
|
file_permissions_cron_daily: true
|
|
|
|
|
file_permissions_cron_hourly: true
|
|
|
|
|
file_permissions_cron_monthly: true
|
|
|
|
|
file_permissions_cron_weekly: true
|
|
|
|
|
file_permissions_crontab: true
|
|
|
|
|
file_permissions_etc_group: true
|
|
|
|
|
file_permissions_etc_gshadow: true
|
|
|
|
|
file_permissions_etc_issue: true
|
2022-12-20 20:27:02 -05:00
|
|
|
file_permissions_etc_issue_net: true
|
2022-10-05 23:55:37 -04:00
|
|
|
file_permissions_etc_motd: true
|
|
|
|
|
file_permissions_etc_passwd: true
|
|
|
|
|
file_permissions_etc_shadow: true
|
2025-10-30 11:44:53 -04:00
|
|
|
file_permissions_etc_shells: true
|
2022-10-05 23:55:37 -04:00
|
|
|
file_permissions_grub2_cfg: true
|
|
|
|
|
file_permissions_home_directories: true
|
|
|
|
|
file_permissions_sshd_config: true
|
2023-02-06 17:04:34 -05:00
|
|
|
file_permissions_sshd_private_key: true
|
2022-10-05 23:55:37 -04:00
|
|
|
file_permissions_sshd_pub_key: true
|
2022-12-20 20:27:02 -05:00
|
|
|
file_permissions_user_cfg: true
|
2023-02-06 17:04:34 -05:00
|
|
|
file_permissions_var_log_audit: true
|
2023-07-24 20:40:09 -04:00
|
|
|
firewalld_loopback_traffic_restricted: true
|
|
|
|
|
firewalld_loopback_traffic_trusted: true
|
2022-12-20 20:27:02 -05:00
|
|
|
gnome_gdm_disable_xdmcp: true
|
2022-10-05 23:55:37 -04:00
|
|
|
grub2_audit_argument: true
|
|
|
|
|
grub2_audit_backlog_limit_argument: true
|
|
|
|
|
grub2_enable_selinux: true
|
|
|
|
|
high_disruption: true
|
|
|
|
|
high_severity: true
|
|
|
|
|
journald_compress: true
|
|
|
|
|
journald_storage: true
|
2025-10-30 11:44:53 -04:00
|
|
|
kernel_module_cramfs_disabled: true
|
|
|
|
|
kernel_module_dccp_disabled: true
|
|
|
|
|
kernel_module_freevxfs_disabled: true
|
|
|
|
|
kernel_module_hfs_disabled: true
|
|
|
|
|
kernel_module_hfsplus_disabled: true
|
|
|
|
|
kernel_module_jffs2_disabled: true
|
|
|
|
|
kernel_module_rds_disabled: true
|
|
|
|
|
kernel_module_sctp_disabled: true
|
2022-10-05 23:55:37 -04:00
|
|
|
kernel_module_squashfs_disabled: true
|
2023-02-06 17:04:34 -05:00
|
|
|
kernel_module_tipc_disabled: true
|
2022-10-05 23:55:37 -04:00
|
|
|
kernel_module_udf_disabled: true
|
|
|
|
|
low_complexity: true
|
|
|
|
|
low_disruption: true
|
|
|
|
|
low_severity: true
|
|
|
|
|
medium_complexity: true
|
|
|
|
|
medium_disruption: true
|
|
|
|
|
medium_severity: true
|
|
|
|
|
mount_option_dev_shm_nodev: true
|
|
|
|
|
mount_option_dev_shm_noexec: true
|
|
|
|
|
mount_option_dev_shm_nosuid: true
|
|
|
|
|
mount_option_home_nodev: true
|
|
|
|
|
mount_option_home_nosuid: true
|
|
|
|
|
mount_option_tmp_nodev: true
|
|
|
|
|
mount_option_tmp_noexec: true
|
|
|
|
|
mount_option_tmp_nosuid: true
|
|
|
|
|
mount_option_var_log_audit_nodev: true
|
|
|
|
|
mount_option_var_log_audit_noexec: true
|
|
|
|
|
mount_option_var_log_audit_nosuid: true
|
|
|
|
|
mount_option_var_log_nodev: true
|
|
|
|
|
mount_option_var_log_noexec: true
|
|
|
|
|
mount_option_var_log_nosuid: true
|
|
|
|
|
mount_option_var_nodev: true
|
|
|
|
|
mount_option_var_nosuid: true
|
|
|
|
|
mount_option_var_tmp_nodev: true
|
|
|
|
|
mount_option_var_tmp_noexec: true
|
|
|
|
|
mount_option_var_tmp_nosuid: true
|
2023-05-04 10:45:41 -04:00
|
|
|
no_empty_passwords: true
|
2022-10-05 23:55:37 -04:00
|
|
|
no_empty_passwords_etc_shadow: true
|
2023-07-24 20:40:09 -04:00
|
|
|
no_password_auth_for_systemaccounts: true
|
2022-10-05 23:55:37 -04:00
|
|
|
no_reboot_needed: true
|
|
|
|
|
no_rsh_trust_files: true
|
2023-07-24 20:40:09 -04:00
|
|
|
no_shelllogin_for_systemaccounts: true
|
2022-10-05 23:55:37 -04:00
|
|
|
package_aide_installed: true
|
|
|
|
|
package_audit_installed: true
|
2025-10-30 11:44:53 -04:00
|
|
|
package_audit_libs_installed: true
|
2023-02-06 17:04:34 -05:00
|
|
|
package_bind_removed: true
|
2025-10-30 11:53:48 -04:00
|
|
|
package_chrony_installed: true
|
2025-10-30 11:59:20 -04:00
|
|
|
package_cron_installed: true
|
2023-05-04 10:45:41 -04:00
|
|
|
package_cyrus_imapd_removed: true
|
2023-02-06 17:04:34 -05:00
|
|
|
package_dhcp_removed: true
|
2023-05-04 10:45:41 -04:00
|
|
|
package_dnsmasq_removed: true
|
2022-10-05 23:55:37 -04:00
|
|
|
package_dovecot_removed: true
|
2024-02-22 19:00:04 -05:00
|
|
|
package_firewalld_installed: true
|
2023-05-04 10:45:41 -04:00
|
|
|
package_ftp_removed: true
|
2023-02-06 17:04:34 -05:00
|
|
|
package_gdm_removed: true
|
2022-10-05 23:55:37 -04:00
|
|
|
package_httpd_removed: true
|
|
|
|
|
package_libselinux_installed: true
|
|
|
|
|
package_mcstrans_removed: true
|
|
|
|
|
package_net_snmp_removed: true
|
2023-02-06 17:04:34 -05:00
|
|
|
package_nftables_installed: true
|
2023-05-04 10:45:41 -04:00
|
|
|
package_nginx_removed: true
|
2022-10-05 23:55:37 -04:00
|
|
|
package_openldap_clients_removed: true
|
2025-10-30 11:44:53 -04:00
|
|
|
package_pam_pwquality_installed: true
|
2023-02-06 17:04:34 -05:00
|
|
|
package_rsync_removed: true
|
2022-10-05 23:55:37 -04:00
|
|
|
package_samba_removed: true
|
|
|
|
|
package_setroubleshoot_removed: true
|
|
|
|
|
package_squid_removed: true
|
|
|
|
|
package_sudo_installed: true
|
2025-10-30 11:44:53 -04:00
|
|
|
package_systemd_journal_remote_installed: true
|
2022-10-05 23:55:37 -04:00
|
|
|
package_telnet_removed: true
|
|
|
|
|
package_telnet_server_removed: true
|
|
|
|
|
package_tftp_removed: true
|
|
|
|
|
package_tftp_server_removed: true
|
|
|
|
|
package_vsftpd_removed: true
|
2025-10-30 11:44:53 -04:00
|
|
|
package_xinetd_removed: true
|
2022-10-05 23:55:37 -04:00
|
|
|
package_xorg_x11_server_common_removed: true
|
2025-10-30 11:44:53 -04:00
|
|
|
package_ypbind_removed: true
|
|
|
|
|
package_ypserv_removed: true
|
2022-10-05 23:55:37 -04:00
|
|
|
postfix_network_listening_disabled: true
|
|
|
|
|
reboot_required: true
|
|
|
|
|
restrict_strategy: true
|
2023-05-04 10:45:41 -04:00
|
|
|
rsyslog_files_groupownership: true
|
|
|
|
|
rsyslog_files_ownership: true
|
2022-10-05 23:55:37 -04:00
|
|
|
rsyslog_files_permissions: true
|
2023-07-24 20:40:09 -04:00
|
|
|
selinux_not_disabled: true
|
2022-10-05 23:55:37 -04:00
|
|
|
selinux_policytype: true
|
|
|
|
|
selinux_state: true
|
|
|
|
|
service_auditd_enabled: true
|
2025-10-30 11:44:53 -04:00
|
|
|
service_autofs_disabled: true
|
|
|
|
|
service_avahi_daemon_disabled: true
|
|
|
|
|
service_bluetooth_disabled: true
|
2022-10-05 23:55:37 -04:00
|
|
|
service_crond_enabled: true
|
2025-10-30 11:44:53 -04:00
|
|
|
service_cups_disabled: true
|
2022-10-05 23:55:37 -04:00
|
|
|
service_firewalld_enabled: true
|
|
|
|
|
service_nfs_disabled: true
|
2023-07-24 20:40:09 -04:00
|
|
|
service_nftables_disabled: true
|
2023-02-06 17:04:34 -05:00
|
|
|
service_rpcbind_disabled: true
|
2022-10-05 23:55:37 -04:00
|
|
|
service_systemd_journald_enabled: true
|
2025-10-30 11:44:53 -04:00
|
|
|
set_password_hashing_algorithm_libuserconf: true
|
2023-05-04 10:45:41 -04:00
|
|
|
set_password_hashing_algorithm_logindefs: true
|
2022-10-05 23:55:37 -04:00
|
|
|
set_password_hashing_algorithm_passwordauth: true
|
|
|
|
|
set_password_hashing_algorithm_systemauth: true
|
|
|
|
|
sshd_disable_empty_passwords: true
|
2025-10-30 11:44:53 -04:00
|
|
|
sshd_disable_gssapi_auth: true
|
2022-10-05 23:55:37 -04:00
|
|
|
sshd_disable_rhosts: true
|
|
|
|
|
sshd_disable_root_login: true
|
|
|
|
|
sshd_do_not_permit_user_env: true
|
|
|
|
|
sshd_enable_pam: true
|
2023-05-04 10:45:41 -04:00
|
|
|
sshd_enable_warning_banner_net: true
|
2022-10-05 23:55:37 -04:00
|
|
|
sshd_set_idle_timeout: true
|
|
|
|
|
sshd_set_keepalive: true
|
|
|
|
|
sshd_set_login_grace_time: true
|
|
|
|
|
sshd_set_loglevel_verbose: true
|
|
|
|
|
sshd_set_max_auth_tries: true
|
|
|
|
|
sshd_set_max_sessions: true
|
|
|
|
|
sshd_set_maxstartups: true
|
2025-10-30 11:44:53 -04:00
|
|
|
sshd_use_strong_kex: true
|
|
|
|
|
sshd_use_strong_macs: true
|
2022-10-05 23:55:37 -04:00
|
|
|
sudo_add_use_pty: true
|
|
|
|
|
sudo_custom_logfile: true
|
|
|
|
|
sudo_require_authentication: true
|
|
|
|
|
sudo_require_reauthentication: true
|
|
|
|
|
sysctl_kernel_randomize_va_space: true
|
2025-10-30 11:44:53 -04:00
|
|
|
sysctl_kernel_yama_ptrace_scope: true
|
2022-10-05 23:55:37 -04:00
|
|
|
sysctl_net_ipv4_conf_all_accept_redirects: true
|
|
|
|
|
sysctl_net_ipv4_conf_all_accept_source_route: true
|
|
|
|
|
sysctl_net_ipv4_conf_all_log_martians: true
|
|
|
|
|
sysctl_net_ipv4_conf_all_rp_filter: true
|
|
|
|
|
sysctl_net_ipv4_conf_all_secure_redirects: true
|
|
|
|
|
sysctl_net_ipv4_conf_all_send_redirects: true
|
|
|
|
|
sysctl_net_ipv4_conf_default_accept_redirects: true
|
|
|
|
|
sysctl_net_ipv4_conf_default_accept_source_route: true
|
|
|
|
|
sysctl_net_ipv4_conf_default_log_martians: true
|
|
|
|
|
sysctl_net_ipv4_conf_default_rp_filter: true
|
|
|
|
|
sysctl_net_ipv4_conf_default_secure_redirects: true
|
|
|
|
|
sysctl_net_ipv4_conf_default_send_redirects: true
|
|
|
|
|
sysctl_net_ipv4_icmp_echo_ignore_broadcasts: true
|
|
|
|
|
sysctl_net_ipv4_icmp_ignore_bogus_error_responses: true
|
|
|
|
|
sysctl_net_ipv4_ip_forward: true
|
|
|
|
|
sysctl_net_ipv4_tcp_syncookies: true
|
|
|
|
|
sysctl_net_ipv6_conf_all_accept_ra: true
|
|
|
|
|
sysctl_net_ipv6_conf_all_accept_redirects: true
|
|
|
|
|
sysctl_net_ipv6_conf_all_accept_source_route: true
|
|
|
|
|
sysctl_net_ipv6_conf_all_forwarding: true
|
|
|
|
|
sysctl_net_ipv6_conf_default_accept_ra: true
|
|
|
|
|
sysctl_net_ipv6_conf_default_accept_redirects: true
|
|
|
|
|
sysctl_net_ipv6_conf_default_accept_source_route: true
|
|
|
|
|
unknown_severity: true
|
|
|
|
|
unknown_strategy: true
|
2024-02-07 20:48:37 -05:00
|
|
|
use_pam_wheel_group_for_su: true
|
2022-10-05 23:55:37 -04:00
|
|
|
wireless_disable_interfaces: true
|
2025-10-30 11:44:53 -04:00
|
|
|
xwindows_runlevel_target: true
|
