Ensure address space layout randomization (ASLR) is enabled – sysctl
Details Address space layout randomization (ASLR) is an exploit mitigation technique which randomly arranges the address space of key data...
- Home
- Security Hardening
- Tenable Cisco Firepower Management Center OS Best Practices
Tenable Cisco Firepower Management Center OS Best Practices
Ensure address space layout randomization (ASLR) is enabled – sysctl.conf
Details Address space layout randomization (ASLR) is an exploit mitigation technique which randomly arranges the address space of key data...Ensure AIDE is installed – dpkg
Details By monitoring the filesystem state compromised files can be detected to prevent or limit the exposure of accidental or...Ensure AIDE is installed – rpm
Details By monitoring the filesystem state compromised files can be detected to prevent or limit the exposure of accidental or...Ensure AIDE is installed – zypper
Details By monitoring the filesystem state compromised files can be detected to prevent or limit the exposure of accidental or...Ensure all groups in /etc/passwd exist in /etc/group
Details Groups defined in the /etc/passwd file but not in the /etc/group file pose a threat to system security since...Ensure all users’ home directories exist
Details Users can be defined in /etc/passwd without a home directory or with a home directory that does not actually...Ensure all users last password change date is in the past
Details All users should have a password change date in the past. Solution Investigate any users with a password change...Ensure at/cron is restricted to authorized users – at.allow
Details On many systems, only the system administrator is authorized to schedule cron jobs. Using the cron.allow file to control...Ensure at/cron is restricted to authorized users – at.deny
Details On many systems, only the system administrator is authorized to schedule cron jobs. Using the cron.allow file to control...