Enable Auditing for Processes That Start Prior to auditd Details Configure grub or lilo so that processes that are capable of being audited can be audited even if they...
Install and Enable auditd Service Details Install and turn on the auditd daemon to record system events. *Rationale* The capturing of system events provides system...
Keep All Auditing Information Details Normally, auditd will hold 4 logs of maximum log file size before deleting older log files. *Rationale* In high...
Record Events That Modify Date and Time Information – ‘32bit adjtimex’ Details Capture events where the system date and/or time has been modified. The parameters in this section are set to...
Record Events That Modify Date and Time Information – ‘32bit clock_settime’ Details Capture events where the system date and/or time has been modified. The parameters in this section are set to...
Record Events That Modify Date and Time Information – ‘64bit adjtimex’ Details Capture events where the system date and/or time has been modified. The parameters in this section are set to...
Record Events That Modify Date and Time Information – ‘64bit clock_settime’ Details Capture events where the system date and/or time has been modified. The parameters in this section are set to...
Record Events That Modify Date and Time Information – ‘time-change’ Details Capture events where the system date and/or time has been modified. The parameters in this section are set to...
Record Events That Modify the System’s Mandatory Access Controls Details Monitor SELinux mandatory access controls. The parameters below monitor any write access (potential addition, deletion or modification of files...
Record Events That Modify the System’s Network Environment – ‘32bit sethostname’ Details Record changes to network environment files or system calls. The parameters below monitor the sethostname (set the system’s host...