Ensure core dumps are restricted – /etc/sysctl.d/*
Details A core dump is the memory of an executable program. It is generally used to determine why a program...
- Home
- Security Hardening
- CIS Fedora 28 Family Linux Server L1 V1.0.0
CIS Fedora 28 Family Linux Server L1 V1.0.0
Ensure core dumps are restricted – sysctl
Details A core dump is the memory of an executable program. It is generally used to determine why a program...Ensure filesystem integrity is regularly checked
Details Periodic checking of the filesystem integrity is needed to detect changes to the filesystem. Periodic file checking allows the...Ensure gpgcheck is globally activated
Details The gpgcheck option, found in the main section of the /etc/yum.conf and individual /etc/yum/repos.d/* files determines if an RPM...Ensure GPG keys are configured
Details Most packages managers implement GPG key signing to verify package integrity during installation. It is important to ensure that...Ensure local login warning banner is configured properly
Details The contents of the /etc/issue file are displayed to users prior to login for local terminals. Unix-based systems have...Ensure message of the day is configured properly
Details The contents of the /etc/motd file are displayed to users after login and function as a message of the...Ensure mounting of cramfs filesystems is disabled – lsmod
Details The cramfs filesystem type is a compressed read-only Linux filesystem embedded in small footprint systems. A cramfs image can...Ensure mounting of cramfs filesystems is disabled – modprobe
Details The cramfs filesystem type is a compressed read-only Linux filesystem embedded in small footprint systems. A cramfs image can...Ensure mounting of squashfs filesystems is disabled – lsmod
Details The squashfs filesystem type is a compressed read-only Linux filesystem embedded in small footprint systems (similar to cramfs )....