Disable Automounting
Details autofs allows automatic mounting of devices, typically including CD/DVDs and USB drives. With automounting enabled anyone with physical access...
- Home
- Security Hardening
- CIS SUSE Linux Enterprise Server 11 L1 V2.1.0
CIS SUSE Linux Enterprise Server 11 L1 V2.1.0
Ensure address space layout randomization (ASLR) is enabled – /etc/sysctl
Details Address space layout randomization (ASLR) is an exploit mitigation technique which randomly arranges the address space of key data...Ensure address space layout randomization (ASLR) is enabled – sysctl
Details Address space layout randomization (ASLR) is an exploit mitigation technique which randomly arranges the address space of key data...Ensure AIDE is installed
Details AIDE takes a snapshot of filesystem state including modification times, permissions, and file hashes which can then be used...Ensure authentication required for single user mode
Details Single user mode is used for recovery when the system detects an issue during boot or by manual selection...Ensure bootloader password is set – password_pbkdf2
Details Setting the boot loader password will require that anyone rebooting the system must enter a password before being able...Ensure bootloader password is set – superusers
Details Setting the boot loader password will require that anyone rebooting the system must enter a password before being able...Ensure core dumps are restricted – /etc/sysctl
Details A core dump is the memory of an executable program. It is generally used to determine why a program...Ensure core dumps are restricted – fs.suid_dumpable
Details A core dump is the memory of an executable program. It is generally used to determine why a program...Ensure core dumps are restricted – hard core 0
Details A core dump is the memory of an executable program. It is generally used to determine why a program...