![]() ![]() Whilst this repo intends to follow a zero dependency approach, it is not practical to support Python 2.7, which is what is installed by default on CentOS 7. ![]() Use of the CIS Benchmarks are subject to the Terms of Use for Non-Member CIS Products CentOS 7 & Python 3 Passed 13 of 15 tests in 1 seconds (1 Skipped, 0 Errors) ID Description Scoring Level Result Durationĥ Access Authentication and Authorizationĥ.2.1 Ensure permissions on /etc/ssh/sshd_config are configured Scored 1 Pass 33msĥ.2.2 Ensure SSH Protocol is set to 2 Scored 1 Pass 5msĥ.2.3 Ensure SSH LogLevel is set to INFO Scored 1 Pass 6msĥ.2.4 Ensure SSH X11 forwarding is disabled Scored 1 Pass 4msĥ.2.5 Ensure SSH MaxAuthTries is set to 4 or less Scored 1 Pass 9msĥ.2.6 Ensure SSH IgnoreRhosts is enabled Scored 1 Pass 5msĥ.2.7 Ensure SSH HostbasedAuthentication is disabled Scored 1 Pass 5msĥ.2.8 Ensure SSH root login is disabled Scored 1 Fail 8msĥ.2.9 Ensure SSH PermitEmptyPasswords is disabled Scored 1 Pass 5msĥ.2.10 Ensure SSH PermitUserEnvironment is disabled Scored 1 Pass 8msĥ.2.11 Ensure only approved ciphers are used Scored 1 Pass 16msĥ.2.12 Ensure only approved MAC algorithms are used Scored 1 Pass 45msĥ.2.13 Ensure SSH Idle Timeout Interval is configured Scored 1 Fail 15msĥ.2.14 Ensure SSH LoginGraceTime is set to one minute or less Scored 1 Pass 11msĥ.2.15 Ensure SSH access is limited Skipped 1ĥ.2.16 Ensure SSH warning banner is configured Scored 1 Pass 6ms Run level 1 tests and include some but not all SELinux questions This profile includes Center for Internet Security® Red Hat Enterprise Linux 8 CIS Benchmarks content. cis_audit.py -include 4.1 -exclude 4.1.1 This profile defines a baseline that aligns to the 'Level 2 - Server' configuration from the Center for Internet Security® Red Hat Enterprise Linux 8 Benchmark, v2.0.0, released. Include tests only from section 4.1 but exclude tests from section 4.1.1: ![]() Equivalent to -output tsvĮxclude tests from section 1.1 and 1.3.2: tsv Output results as tab-separated values. That said, looking at the CIS Apache Tomcat 8 benchmark v1.0.1, the Remediation sections have Linux commands in them indicating that they are for a. psv Output results as pipe-separated values. csv Output results as comma-separated values. This CIS Benchmark is the product of a community consensus process and consists of secure configuration guidelines developed for Ubuntu Linux Explore CIS. workstation Use "workstation" levels to determine which tests to run. server Use "server" levels to determine which tests to run. Output redirected to a file/pipe is never coloured. Setting this overrides the -nice option.ĭisable colouring for STDOUT. This may make the tests complete faster but at the cost of putting a higher load on the server. no-nice Do not lower CPU priority for test execution. nice Lower the CPU priority for test execution. debug Run script with debug output turned on. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |