Libraries » tomkrieger-cis_security_hardening (0.9.7)

Alphabetic Index

Puppet Class Listing A-Z

C cis_security_hardening cis_security_hardening::auditd_cron cis_security_hardening::config cis_security_hardening::reboot cis_security_hardening::rules::abrt cis_security_hardening::rules::adm_crypt_style cis_security_hardening::rules::aide_audit_integrity cis_security_hardening::rules::aide_installed cis_security_hardening::rules::aide_notify_admins cis_security_hardening::rules::aide_regular_checks cis_security_hardening::rules::apparmor cis_security_hardening::rules::apparmor_bootloader cis_security_hardening::rules::apparmor_profiles cis_security_hardening::rules::apparmor_profiles_enforcing cis_security_hardening::rules::apt_unused cis_security_hardening::rules::at_restrict cis_security_hardening::rules::auditd_access cis_security_hardening::rules::auditd_actions cis_security_hardening::rules::auditd_apparmor_parser_use cis_security_hardening::rules::auditd_backlog_limit cis_security_hardening::rules::auditd_chacl_use cis_security_hardening::rules::auditd_chage_use cis_security_hardening::rules::auditd_chcon_use cis_security_hardening::rules::auditd_chfn_use cis_security_hardening::rules::auditd_chsh_use cis_security_hardening::rules::auditd_conf_perms cis_security_hardening::rules::auditd_crontab_use cis_security_hardening::rules::auditd_delete cis_security_hardening::rules::auditd_delete_module cis_security_hardening::rules::auditd_disk_error cis_security_hardening::rules::auditd_failure_processing cis_security_hardening::rules::auditd_fdisk_use cis_security_hardening::rules::auditd_finit_module_use cis_security_hardening::rules::auditd_fremovexattr_use cis_security_hardening::rules::auditd_fsetxattr_use cis_security_hardening::rules::auditd_gpasswd_use cis_security_hardening::rules::auditd_identity cis_security_hardening::rules::auditd_immutable cis_security_hardening::rules::auditd_init cis_security_hardening::rules::auditd_init_module cis_security_hardening::rules::auditd_kernel_modules cis_security_hardening::rules::auditd_kmod_use cis_security_hardening::rules::auditd_local_events cis_security_hardening::rules::auditd_log_config cis_security_hardening::rules::auditd_log_dir_perms cis_security_hardening::rules::auditd_log_format cis_security_hardening::rules::auditd_log_perms cis_security_hardening::rules::auditd_logins cis_security_hardening::rules::auditd_loginuid_immutable cis_security_hardening::rules::auditd_lremovexattr_use cis_security_hardening::rules::auditd_lsetxattr_use cis_security_hardening::rules::auditd_mac_policy cis_security_hardening::rules::auditd_max_log_file cis_security_hardening::rules::auditd_max_log_file_action cis_security_hardening::rules::auditd_modules cis_security_hardening::rules::auditd_mounts cis_security_hardening::rules::auditd_newgrp_use cis_security_hardening::rules::auditd_nonlocal_admin_access cis_security_hardening::rules::auditd_open_by_handle_use cis_security_hardening::rules::auditd_overflow_action cis_security_hardening::rules::auditd_package cis_security_hardening::rules::auditd_pam_timestamp_check_use cis_security_hardening::rules::auditd_passwd_use cis_security_hardening::rules::auditd_perm_mod cis_security_hardening::rules::auditd_postdrop cis_security_hardening::rules::auditd_postqueue cis_security_hardening::rules::auditd_privileged_commands cis_security_hardening::rules::auditd_privileged_functions_use cis_security_hardening::rules::auditd_privileged_priv_change cis_security_hardening::rules::auditd_process cis_security_hardening::rules::auditd_remote cis_security_hardening::rules::auditd_remote_conf cis_security_hardening::rules::auditd_remote_encrypt cis_security_hardening::rules::auditd_remote_labeled cis_security_hardening::rules::auditd_removexattr_use cis_security_hardening::rules::auditd_rmdir cis_security_hardening::rules::auditd_rsyslog_gnutls cis_security_hardening::rules::auditd_scope cis_security_hardening::rules::auditd_semanage cis_security_hardening::rules::auditd_sending_errors cis_security_hardening::rules::auditd_service cis_security_hardening::rules::auditd_session_logins cis_security_hardening::rules::auditd_setfacl_use cis_security_hardening::rules::auditd_setfiles cis_security_hardening::rules::auditd_setsebool cis_security_hardening::rules::auditd_setxattr_use cis_security_hardening::rules::auditd_space_left cis_security_hardening::rules::auditd_ssh_agent_use cis_security_hardening::rules::auditd_ssh_keysign_use cis_security_hardening::rules::auditd_sudo_use cis_security_hardening::rules::auditd_sudoedit_use cis_security_hardening::rules::auditd_sudoers cis_security_hardening::rules::auditd_sudoersd cis_security_hardening::rules::auditd_system_locale cis_security_hardening::rules::auditd_time_change cis_security_hardening::rules::auditd_tools_perms cis_security_hardening::rules::auditd_umount cis_security_hardening::rules::auditd_unix_checkpwd cis_security_hardening::rules::auditd_unix_update_use cis_security_hardening::rules::auditd_usbguard cis_security_hardening::rules::auditd_user_emulation cis_security_hardening::rules::auditd_userhelper cis_security_hardening::rules::auditd_usermod_use cis_security_hardening::rules::auditd_when_disk_full cis_security_hardening::rules::authselect cis_security_hardening::rules::automatic_error_reporting cis_security_hardening::rules::avahi cis_security_hardening::rules::bind cis_security_hardening::rules::boot_efi_nosuid cis_security_hardening::rules::boot_nosuid cis_security_hardening::rules::chrony cis_security_hardening::rules::cramfs cis_security_hardening::rules::cron_daily cis_security_hardening::rules::cron_hourly cis_security_hardening::rules::cron_monthly cis_security_hardening::rules::cron_restrict cis_security_hardening::rules::cron_weekly cis_security_hardening::rules::crond_service cis_security_hardening::rules::crontab cis_security_hardening::rules::crtl_alt_del cis_security_hardening::rules::crypto_policy cis_security_hardening::rules::ctrl_alt_del_graphical cis_security_hardening::rules::cups cis_security_hardening::rules::dac_on_hardlinks cis_security_hardening::rules::dac_on_symlinks cis_security_hardening::rules::debug_shell cis_security_hardening::rules::dev_shm cis_security_hardening::rules::dev_shm_nodev cis_security_hardening::rules::dev_shm_noexec cis_security_hardening::rules::dev_shm_nosuid cis_security_hardening::rules::dhcp cis_security_hardening::rules::disable_apport cis_security_hardening::rules::disable_atm cis_security_hardening::rules::disable_automount cis_security_hardening::rules::disable_bluetooth cis_security_hardening::rules::disable_can cis_security_hardening::rules::disable_core_dumps cis_security_hardening::rules::disable_coredump_socket cis_security_hardening::rules::disable_dccp cis_security_hardening::rules::disable_ip_forwarding cis_security_hardening::rules::disable_ipv6 cis_security_hardening::rules::disable_packet_redirect cis_security_hardening::rules::disable_prelink cis_security_hardening::rules::disable_rds cis_security_hardening::rules::disable_sctp cis_security_hardening::rules::disable_tipc cis_security_hardening::rules::disable_usb_storage cis_security_hardening::rules::disable_wireless cis_security_hardening::rules::dmesg_restrict cis_security_hardening::rules::dns cis_security_hardening::rules::dnsmasq cis_security_hardening::rules::dovecot cis_security_hardening::rules::dracut_fips cis_security_hardening::rules::enable_aslr cis_security_hardening::rules::enable_reverse_path_filtering cis_security_hardening::rules::enable_tcp_syn_cookies cis_security_hardening::rules::etc_crond cis_security_hardening::rules::fapolicyd cis_security_hardening::rules::fapolicyd_policy cis_security_hardening::rules::fapolicyd_service cis_security_hardening::rules::fat cis_security_hardening::rules::fips_bootloader cis_security_hardening::rules::firewalld_default_zone cis_security_hardening::rules::firewalld_install cis_security_hardening::rules::firewalld_interfaces cis_security_hardening::rules::firewalld_ports_services cis_security_hardening::rules::firewalld_service cis_security_hardening::rules::firewire_core cis_security_hardening::rules::freevxfs cis_security_hardening::rules::ftp cis_security_hardening::rules::gdm_auto_mount cis_security_hardening::rules::gdm_autologin cis_security_hardening::rules::gdm_lock_delay cis_security_hardening::rules::gdm_lock_enabled cis_security_hardening::rules::gdm_mfa cis_security_hardening::rules::gdm_screensaver cis_security_hardening::rules::gnome_gdm cis_security_hardening::rules::gnome_gdm_package cis_security_hardening::rules::group_bak_perms cis_security_hardening::rules::group_perms cis_security_hardening::rules::grub_bootloader_config cis_security_hardening::rules::grub_page_poison cis_security_hardening::rules::grub_password cis_security_hardening::rules::grub_slub_debug cis_security_hardening::rules::grub_vsyscall cis_security_hardening::rules::gshadow_bak_perms cis_security_hardening::rules::gshadow_perms cis_security_hardening::rules::gssproxy cis_security_hardening::rules::hfs cis_security_hardening::rules::hfsplus cis_security_hardening::rules::home_grpquota cis_security_hardening::rules::home_nodev cis_security_hardening::rules::home_noexec cis_security_hardening::rules::home_nosuid cis_security_hardening::rules::home_usrquota cis_security_hardening::rules::httpd cis_security_hardening::rules::icmp_redirects cis_security_hardening::rules::ignore_bogus_icmp_responses cis_security_hardening::rules::ignore_icmp_broadcast cis_security_hardening::rules::inactive_password_lock cis_security_hardening::rules::ip6tables_deny_policy cis_security_hardening::rules::ip6tables_loopback cis_security_hardening::rules::ip6tables_open_ports cis_security_hardening::rules::ip6tables_outbound_established cis_security_hardening::rules::iprutils cis_security_hardening::rules::iptables_deny_policy cis_security_hardening::rules::iptables_install cis_security_hardening::rules::iptables_loopback cis_security_hardening::rules::iptables_open_ports cis_security_hardening::rules::iptables_outbound_established cis_security_hardening::rules::ipv6_router_advertisements cis_security_hardening::rules::issue_net_perms cis_security_hardening::rules::issue_perms cis_security_hardening::rules::jffs2 cis_security_hardening::rules::journald_compress cis_security_hardening::rules::journald_persistent cis_security_hardening::rules::journald_rsyslog cis_security_hardening::rules::kdump_service cis_security_hardening::rules::kexec_load_disabled cis_security_hardening::rules::kptr_restrict cis_security_hardening::rules::krb5_server cis_security_hardening::rules::krb5_workstation cis_security_hardening::rules::ldap_client cis_security_hardening::rules::ldapd cis_security_hardening::rules::limits_maxlogins cis_security_hardening::rules::lock_root cis_security_hardening::rules::log_suspicious_packets cis_security_hardening::rules::logfile_permissions cis_security_hardening::rules::login_create_home cis_security_hardening::rules::login_fail_delay cis_security_hardening::rules::logrotate cis_security_hardening::rules::logrotate_configuration cis_security_hardening::rules::mcstrans cis_security_hardening::rules::mfetp cis_security_hardening::rules::motd_perms cis_security_hardening::rules::mta_local cis_security_hardening::rules::mta_unrestriced_relay cis_security_hardening::rules::net_bpf_jit_harden cis_security_hardening::rules::net_snmp cis_security_hardening::rules::nfs cis_security_hardening::rules::nfs_nodev cis_security_hardening::rules::nfs_noexec cis_security_hardening::rules::nfs_nosuid cis_security_hardening::rules::nfs_sec_opt cis_security_hardening::rules::nfs_utils cis_security_hardening::rules::nftables_base_chains cis_security_hardening::rules::nftables_default_deny cis_security_hardening::rules::nftables_flush_iptables cis_security_hardening::rules::nftables_install cis_security_hardening::rules::nftables_loopback cis_security_hardening::rules::nftables_outbound_established cis_security_hardening::rules::nftables_persistence cis_security_hardening::rules::nftables_service cis_security_hardening::rules::nftables_table cis_security_hardening::rules::nis cis_security_hardening::rules::nis_client cis_security_hardening::rules::ntp_package cis_security_hardening::rules::ntpd cis_security_hardening::rules::opassword_perms cis_security_hardening::rules::opensc_pkcs11 cis_security_hardening::rules::openssl_pkcs11 cis_security_hardening::rules::pam_cached_auth cis_security_hardening::rules::pam_fail_delay cis_security_hardening::rules::pam_last_logon cis_security_hardening::rules::pam_libpwquality cis_security_hardening::rules::pam_lockout cis_security_hardening::rules::pam_mfa cis_security_hardening::rules::pam_mfa_redhat cis_security_hardening::rules::pam_old_passwords cis_security_hardening::rules::pam_passwd cis_security_hardening::rules::pam_passwd_sha512 cis_security_hardening::rules::pam_pkcs11 cis_security_hardening::rules::pam_pw_requirements cis_security_hardening::rules::pam_use_mappers cis_security_hardening::rules::passwd_bak_perms cis_security_hardening::rules::passwd_expiration cis_security_hardening::rules::passwd_inactive_days cis_security_hardening::rules::passwd_min_days cis_security_hardening::rules::passwd_perms cis_security_hardening::rules::passwd_sha512 cis_security_hardening::rules::passwd_warn_days cis_security_hardening::rules::perf_event_paranoid cis_security_hardening::rules::pki_certs_validation cis_security_hardening::rules::policycoreutils cis_security_hardening::rules::postmaster_alias cis_security_hardening::rules::pti cis_security_hardening::rules::ptrace_scope cis_security_hardening::rules::restrict_core_dumps cis_security_hardening::rules::restrict_su cis_security_hardening::rules::rhnsd cis_security_hardening::rules::rng_tools cis_security_hardening::rules::rngd cis_security_hardening::rules::root_gid cis_security_hardening::rules::rpcbind cis_security_hardening::rules::rsh_client cis_security_hardening::rules::rsh_server cis_security_hardening::rules::rsyncd cis_security_hardening::rules::rsyslog_default_file_perms cis_security_hardening::rules::rsyslog_installed cis_security_hardening::rules::rsyslog_logging cis_security_hardening::rules::rsyslog_remote_logs cis_security_hardening::rules::rsyslog_remote_syslog cis_security_hardening::rules::rsyslog_service cis_security_hardening::rules::samba cis_security_hardening::rules::secure_icmp_redirects cis_security_hardening::rules::selinux cis_security_hardening::rules::selinux_bootloader cis_security_hardening::rules::selinux_policy cis_security_hardening::rules::selinux_state cis_security_hardening::rules::sendmail cis_security_hardening::rules::setroubleshoot cis_security_hardening::rules::shadow_bak_perms cis_security_hardening::rules::shadow_encrypt_sha512 cis_security_hardening::rules::shadow_perms cis_security_hardening::rules::shadowed_passwords cis_security_hardening::rules::shell_nologin cis_security_hardening::rules::shells_perms cis_security_hardening::rules::single_user_mode cis_security_hardening::rules::source_routed_packets cis_security_hardening::rules::squashfs cis_security_hardening::rules::squid cis_security_hardening::rules::sshd_banner cis_security_hardening::rules::sshd_ciphers cis_security_hardening::rules::sshd_compression cis_security_hardening::rules::sshd_config_permissions cis_security_hardening::rules::sshd_crypto_policy cis_security_hardening::rules::sshd_empty_passwords cis_security_hardening::rules::sshd_gssapi cis_security_hardening::rules::sshd_hostbased_authentication cis_security_hardening::rules::sshd_ignore_rhosts cis_security_hardening::rules::sshd_ignore_user_known_hosts cis_security_hardening::rules::sshd_install cis_security_hardening::rules::sshd_kerberos cis_security_hardening::rules::sshd_kex cis_security_hardening::rules::sshd_limit_access cis_security_hardening::rules::sshd_login_gracetime cis_security_hardening::rules::sshd_loglevel cis_security_hardening::rules::sshd_macs cis_security_hardening::rules::sshd_max_auth_tries cis_security_hardening::rules::sshd_max_sessions cis_security_hardening::rules::sshd_max_startups cis_security_hardening::rules::sshd_printlastlog cis_security_hardening::rules::sshd_priv_separation cis_security_hardening::rules::sshd_private_keys cis_security_hardening::rules::sshd_protocol cis_security_hardening::rules::sshd_public_keys cis_security_hardening::rules::sshd_rekey_limit cis_security_hardening::rules::sshd_root_login cis_security_hardening::rules::sshd_rsa_rhosts_authentication cis_security_hardening::rules::sshd_strict_modes cis_security_hardening::rules::sshd_strong_rng cis_security_hardening::rules::sshd_tcp_forwarding cis_security_hardening::rules::sshd_timeouts cis_security_hardening::rules::sshd_use_pam cis_security_hardening::rules::sshd_user_environment cis_security_hardening::rules::sshd_x11_forward cis_security_hardening::rules::sshd_x11_use_localhost cis_security_hardening::rules::sssd_ldap_tls_reqcert cis_security_hardening::rules::sssd_mfa_services cis_security_hardening::rules::sssd_use_start_tls cis_security_hardening::rules::sticky_world_writeable_files cis_security_hardening::rules::sudo_installed cis_security_hardening::rules::sudo_log cis_security_hardening::rules::sudo_passwd_required cis_security_hardening::rules::sudo_timeout cis_security_hardening::rules::sudo_use_pty cis_security_hardening::rules::system_cmd_group cis_security_hardening::rules::systemd_journal_remote cis_security_hardening::rules::systemd_journal_remote_config cis_security_hardening::rules::systemd_journal_remote_receive cis_security_hardening::rules::systemd_journal_remote_service cis_security_hardening::rules::systemd_journald_service cis_security_hardening::rules::systemd_timesyncd cis_security_hardening::rules::talk_client cis_security_hardening::rules::telnet_client cis_security_hardening::rules::telnet_server cis_security_hardening::rules::tftp_client cis_security_hardening::rules::tftp_server cis_security_hardening::rules::timeout_setting cis_security_hardening::rules::timezone_utc_gmt cis_security_hardening::rules::tmp_filesystem cis_security_hardening::rules::tmp_nodev cis_security_hardening::rules::tmp_noexec cis_security_hardening::rules::tmp_nosuid cis_security_hardening::rules::tmux_package cis_security_hardening::rules::tuned cis_security_hardening::rules::udf cis_security_hardening::rules::ufw_default_deny cis_security_hardening::rules::ufw_install cis_security_hardening::rules::ufw_loopback cis_security_hardening::rules::ufw_open_ports cis_security_hardening::rules::ufw_outbound cis_security_hardening::rules::ufw_service cis_security_hardening::rules::umask_setting cis_security_hardening::rules::unprivileged_bpf_disabled cis_security_hardening::rules::usbguard_package cis_security_hardening::rules::usbguard_service cis_security_hardening::rules::user_namespaces cis_security_hardening::rules::var_log_audit_nodev cis_security_hardening::rules::var_log_audit_noexec cis_security_hardening::rules::var_log_audit_nosuid cis_security_hardening::rules::var_log_nodev cis_security_hardening::rules::var_log_noexec cis_security_hardening::rules::var_log_nosuid cis_security_hardening::rules::var_log_syslog_perms cis_security_hardening::rules::var_nodev cis_security_hardening::rules::var_noexec cis_security_hardening::rules::var_nosuid cis_security_hardening::rules::var_tmp_nodev cis_security_hardening::rules::var_tmp_noexec cis_security_hardening::rules::var_tmp_nosuid cis_security_hardening::rules::vlock cis_security_hardening::rules::vsftp cis_security_hardening::rules::x11_installed cis_security_hardening::rules::xdmcp_config cis_security_hardening::rules::xinetd cis_security_hardening::rules::yum_clean_requirements cis_security_hardening::rules::yum_gpgcheck cis_security_hardening::rules::yum_local_gpgcheck cis_security_hardening::rules::zypper_gpgcheck cis_security_hardening::services cis_security_hardening::sticky_world_writable_cron

Data Type Listing A-Z

C Cis_security_hardening::Mountoption (Alias) Cis_security_hardening::Mountpoint (Alias) Cis_security_hardening::Nftables_address_families (Alias) Cis_security_hardening::Numbers_letters (Alias) Cis_security_hardening::Servicename (Alias) Cis_security_hardening::Word (Alias)

Defined Type Listing A-Z

C cis_security_hardening::parent_dirs cis_security_hardening::set_mount_options cis_security_hardening::unmask_systemd_service

Puppet Function Listing A-Z

C cis_security_hardening::hash_key (Puppet Language) S sanitize_input (Ruby 4.x API)

Puppet Task Listing A-Z

A audit_sgid_executables audit_suid_executables C check_auditd_dirs_and_files check_for_duplicate_gids check_for_duplicate_group_names check_for_duplicate_uids check_for_duplicate_user_names check_for_forward_files check_for_nertrc_files check_for_rhosts_files check_inactive_passwd_lock check_pass_max_days check_pass_min_days check_pass_warn_age check_root_path_integrety check_shadow_group_is_empty check_shell_timeout check_stig_cert_fingerprints check_system_accounts_secured check_uid_0_files check_unconfines_services check_user_home_dirs_exist check_user_last_passwd_in_past check_users_dot_files check_users_own_home_dirs cleanup_old_stuff F find_ungrouped_files_dirs find_unowned_files_dirs find_world_writable_files fix_wrong_home_dir_permissions

File Listing

• README