Ensure mounting of squashfs filesystems is disabled – lsmod
Details The squashfs filesystem type is a compressed read-only Linux filesystem embedded in small footprint systems (similar to cramfs )....
- Home
- Security Hardening
- CIS Debian Family Workstation L2 V1.0.0
CIS Debian Family Workstation L2 V1.0.0
Ensure mounting of squashfs filesystems is disabled – modprobe
Details The squashfs filesystem type is a compressed read-only Linux filesystem embedded in small footprint systems (similar to cramfs )....Ensure RDS is disabled – lsmod
Details The Reliable Datagram Sockets (RDS) protocol is a transport layer protocol designed to provide low-latency, high-bandwidth communications between cluster...Ensure RDS is disabled – modprobe
Details The Reliable Datagram Sockets (RDS) protocol is a transport layer protocol designed to provide low-latency, high-bandwidth communications between cluster...Ensure SCTP is disabled – lsmod
Details The Stream Control Transmission Protocol (SCTP) is a transport layer protocol used to support message oriented communication, with several...Ensure SCTP is disabled – modprobe
Details The Stream Control Transmission Protocol (SCTP) is a transport layer protocol used to support message oriented communication, with several...Ensure separate partition exists for /home
Details The /home directory is used to support disk storage needs of local users. Rationale: If the system is intended...Ensure separate partition exists for /var
Details The /var directory is used by daemons and other system services to temporarily store dynamic data. Some directories created...Ensure separate partition exists for /var/log
Details The /var/log directory is used by system services to store log data. Note: When modifying /var/log it is advisable...Ensure separate partition exists for /var/log/audit
Details The auditing daemon, auditd , stores log data in the /var/log/audit directory. Note: When modifying /var/log/audit it is advisable...