Disable Automounting
Details autofs allows automatic mounting of devices, typically including CD/DVDs and USB drives. Rationale: With automounting enabled anyone with physical...
- Home
- Security Hardening
- CIS CentOS 6 Workstation L2 V3.0.0
CIS CentOS 6 Workstation L2 V3.0.0
Disable IPv6
Details Although IPv6 has many advantages over IPv4, not all organizations have IPv6 or dual stack configurations implemented. Rationale: If...Disable USB Storage – lsmod
Details USB storage provides a means to transfer and store files insuring persistence and availability of the files independent of...Disable USB Storage – modprobe
Details USB storage provides a means to transfer and store files insuring persistence and availability of the files independent of...Ensure auditd is installed – audit
Details auditd is the userspace component to the Linux Auditing System. It’s responsible for writing audit records to the disk...Ensure auditd is installed – audit-libs
Details auditd is the userspace component to the Linux Auditing System. It’s responsible for writing audit records to the disk...Ensure auditd service is enabled
Details Turn on the auditd daemon to record system events. Rationale: The capturing of system events provides system administrators with...Ensure auditing for processes that start prior to auditd is enabled
Details Configure grub so that processes that are capable of being audited can be audited even if they start up...Ensure audit logs are not automatically deleted
Details The max_log_file_action setting determines how to handle the audit log file reaching the max file size. A value of...Ensure audit log storage size is configured
Details Configure the maximum size of the audit log file. Once the log reaches the maximum size, it will be...