Ensure time is not enabled
Details time is a network service that responds with the server’s current date and time as a 32 bit integer....
- Home
- Security Hardening
- CIS Debian Linux 7 L1 V1.0.0
CIS Debian Linux 7 L1 V1.0.0
Ensure xinetd is not enabled
Details The eXtended InterNET Daemon (xinetd) is an open source super daemon that replaced the original inetd daemon. The xinetd...Install Updates, Patches and Additional Security Software
Details Periodically patches are released for included software either due to security flaws or to include additional functionality. Newer patches...Require Authentication for Single-User Mode
Details Setting a password for the root user will force authentication in single user mode. Requiring authentication in single user...Restrict Core Dumps – fs.suid_dumpable
Details A core dump is the memory of an executable program. It is generally used to determine why a program...Restrict Core Dumps – limits.conf
Details A core dump is the memory of an executable program. It is generally used to determine why a program...Set Boot Loader Password – set superusers
Details Setting the boot loader password will require that anyone rebooting the system must enter a password before being able...Set Boot Loader Password – password_pbkdf2
Details Setting the boot loader password will require that anyone rebooting the system must enter a password before being able...Set nodev option for /tmp Partition
Details The nodev mount option specifies that the filesystem cannot contain special devices. Since the /tmp filesystem is not intended...Set noexec option for /tmp Partition
Details The noexec mount option specifies that the filesystem cannot contain executable binaries. Since the /tmp filesystem is only intended...