-
Notifications
You must be signed in to change notification settings - Fork 63
CentOS
Richard Spindler edited this page Jan 15, 2017
·
1 revision
CIS benchmarks:
https://benchmarks.cisecurity.org/downloads/multiform/index.cfm
This output is in an older format:
# ./lunar.sh -a
Running: In audit mode (no changes will be made to system)
Filesystem checks will not be done
# SYSTEM INFORMATION:
Platform: CentOS Linux 5 Update 9 on x86_64
Checking: Security message in /etc/issue
Warning: No security message in /etc/issue [-1]
Checking: Value of "Protocol" in /etc/ssh/sshd_config is "2"
Secure: Parameter "Protocol" already set to "2" in /etc/ssh/sshd_config [0]
Checking: Value of "X11Forwarding" in /etc/ssh/sshd_config is "no"
Warning: Parameter "X11Forwarding" not set to "no" in /etc/ssh/sshd_config [-1]
Checking: Value of "MaxAuthTries" in /etc/ssh/sshd_config is "3"
Warning: Parameter "MaxAuthTries" not set to "3" in /etc/ssh/sshd_config [-2]
Checking: Value of "MaxAuthTriesLog" in /etc/ssh/sshd_config is "0"
Warning: Parameter "MaxAuthTriesLog" not set to "0" in /etc/ssh/sshd_config [-3]
Checking: Value of "RhostsAuthentication" in /etc/ssh/sshd_config is "no"
Warning: Parameter "RhostsAuthentication" not set to "no" in /etc/ssh/sshd_config [-4]
Checking: Value of "IgnoreRhosts" in /etc/ssh/sshd_config is "yes"
Warning: Parameter "IgnoreRhosts" not set to "yes" in /etc/ssh/sshd_config [-5]
Checking: Value of "StrictModes" in /etc/ssh/sshd_config is "yes"
Warning: Parameter "StrictModes" not set to "yes" in /etc/ssh/sshd_config [-6]
Checking: Value of "AllowTcpForwarding" in /etc/ssh/sshd_config is "no"
Warning: Parameter "AllowTcpForwarding" not set to "no" in /etc/ssh/sshd_config [-7]
Checking: Value of "ServerKeyBits" in /etc/ssh/sshd_config is "1024"
Warning: Parameter "ServerKeyBits" not set to "1024" in /etc/ssh/sshd_config [-8]
Checking: Value of "GatewayPorts" in /etc/ssh/sshd_config is "no"
Warning: Parameter "GatewayPorts" not set to "no" in /etc/ssh/sshd_config [-9]
Checking: Value of "RhostsRSAAuthentication" in /etc/ssh/sshd_config is "no"
Warning: Parameter "RhostsRSAAuthentication" not set to "no" in /etc/ssh/sshd_config [-10]
Checking: Value of "PermitRootLogin" in /etc/ssh/sshd_config is "no"
Warning: Parameter "PermitRootLogin" not set to "no" in /etc/ssh/sshd_config [-11]
Checking: Value of "PermitEmptyPasswords" in /etc/ssh/sshd_config is "no"
Warning: Parameter "PermitEmptyPasswords" not set to "no" in /etc/ssh/sshd_config [-12]
Checking: Value of "PermitUserEnvironment" in /etc/ssh/sshd_config is "no"
Warning: Parameter "PermitUserEnvironment" not set to "no" in /etc/ssh/sshd_config [-13]
Checking: Value of "HostbasedAuthentication" in /etc/ssh/sshd_config is "no"
Warning: Parameter "HostbasedAuthentication" not set to "no" in /etc/ssh/sshd_config [-14]
Checking: Value of "Banner" in /etc/ssh/sshd_config is "/etc/issue"
Warning: Parameter "Banner" not set to "/etc/issue" in /etc/ssh/sshd_config [-15]
Checking: Value of "PrintMotd" in /etc/ssh/sshd_config is "no"
Warning: Parameter "PrintMotd" not set to "no" in /etc/ssh/sshd_config [-16]
Checking: Value of "ClientAliveInterval" in /etc/ssh/sshd_config is "300"
Warning: Parameter "ClientAliveInterval" not set to "300" in /etc/ssh/sshd_config [-17]
Checking: Value of "ClientAliveCountMax" in /etc/ssh/sshd_config is "0"
Warning: Parameter "ClientAliveCountMax" not set to "0" in /etc/ssh/sshd_config [-18]
Checking: Value of "LogLevel" in /etc/ssh/sshd_config is "VERBOSE"
Warning: Parameter "LogLevel" not set to "VERBOSE" in /etc/ssh/sshd_config [-19]
Checking: Value of "RSAAuthentication" in /etc/ssh/sshd_config is "no"
Warning: Parameter "RSAAuthentication" not set to "no" in /etc/ssh/sshd_config [-20]
Checking: Value of "UsePrivilegeSeparation" in /etc/ssh/sshd_config is "yes"
Warning: Parameter "UsePrivilegeSeparation" not set to "yes" in /etc/ssh/sshd_config [-21]
Checking: Value of "LoginGraceTime" in /etc/ssh/sshd_config is "120"
Warning: Parameter "LoginGraceTime" not set to "120" in /etc/ssh/sshd_config [-22]
Checking: Value of "AllowTcpForwarding" in /etc/ssh/sshd_config is "yes"
Warning: Parameter "AllowTcpForwarding" not set to "yes" in /etc/ssh/sshd_config [-23]
Checking: Service telnet at run level 3
Notice: Service telnet is not installed [-22]
Checking: Service telnet at run level 5
Notice: Service telnet is not installed [-21]
Checking: Service login at run level 3
Notice: Service login is not installed [-20]
Checking: Service login at run level 5
Notice: Service login is not installed [-19]
Checking: Service rlogin at run level 3
Notice: Service rlogin is not installed [-18]
Checking: Service rlogin at run level 5
Notice: Service rlogin is not installed [-17]
Checking: Service rsh at run level 3
Notice: Service rsh is not installed [-16]
Checking: Service rsh at run level 5
Notice: Service rsh is not installed [-15]
Checking: Service shell at run level 3
Notice: Service shell is not installed [-14]
Checking: Service shell at run level 5
Notice: Service shell is not installed [-13]
Checking: Remote consoles
Warning: Consoles enabled on tty1 tty2 tty3 tty4 tty5 tty6 tty7 tty8 tty9 tty10 tty11 [-14]
Checking: Rhost authentication disabled in /etc/pam.d/atd [-14]
Secure: Rhost authentication disabled in /etc/pam.d/atd [-13]
Checking: Rhost authentication disabled in /etc/pam.d/authconfig [-13]
Secure: Rhost authentication disabled in /etc/pam.d/authconfig [-12]
Checking: Rhost authentication disabled in /etc/pam.d/authconfig-tui [-12]
Secure: Rhost authentication disabled in /etc/pam.d/authconfig-tui [-11]
Checking: Rhost authentication disabled in /etc/pam.d/chfn [-11]
Secure: Rhost authentication disabled in /etc/pam.d/chfn [-10]
Checking: Rhost authentication disabled in /etc/pam.d/chsh [-10]
Secure: Rhost authentication disabled in /etc/pam.d/chsh [-9]
Checking: Rhost authentication disabled in /etc/pam.d/config-util [-9]
Secure: Rhost authentication disabled in /etc/pam.d/config-util [-8]
Checking: Rhost authentication disabled in /etc/pam.d/crond [-8]
Secure: Rhost authentication disabled in /etc/pam.d/crond [-7]
Checking: Rhost authentication disabled in /etc/pam.d/eject [-7]
Secure: Rhost authentication disabled in /etc/pam.d/eject [-6]
Checking: Rhost authentication disabled in /etc/pam.d/ekshell [-6]
Warning: Rhost authentication enabled in /etc/pam.d/ekshell [-7]
Checking: Rhost authentication disabled in /etc/pam.d/gssftp [-7]
Secure: Rhost authentication disabled in /etc/pam.d/gssftp [-6]
Checking: Rhost authentication disabled in /etc/pam.d/halt [-6]
Secure: Rhost authentication disabled in /etc/pam.d/halt [-5]
Checking: Rhost authentication disabled in /etc/pam.d/kbdrate [-5]
Secure: Rhost authentication disabled in /etc/pam.d/kbdrate [-4]
Checking: Rhost authentication disabled in /etc/pam.d/kshell [-4]
Warning: Rhost authentication enabled in /etc/pam.d/kshell [-5]
Checking: Rhost authentication disabled in /etc/pam.d/ksu [-5]
Secure: Rhost authentication disabled in /etc/pam.d/ksu [-4]
Checking: Rhost authentication disabled in /etc/pam.d/login [-4]
Secure: Rhost authentication disabled in /etc/pam.d/login [-3]
Checking: Rhost authentication disabled in /etc/pam.d/neat [-3]
Secure: Rhost authentication disabled in /etc/pam.d/neat [-2]
Checking: Rhost authentication disabled in /etc/pam.d/newrole [-2]
Secure: Rhost authentication disabled in /etc/pam.d/newrole [-1]
Checking: Rhost authentication disabled in /etc/pam.d/other [-1]
Secure: Rhost authentication disabled in /etc/pam.d/other [0]
Checking: Rhost authentication disabled in /etc/pam.d/passwd [0]
Secure: Rhost authentication disabled in /etc/pam.d/passwd [1]
Checking: Rhost authentication disabled in /etc/pam.d/pm-hibernate [1]
Secure: Rhost authentication disabled in /etc/pam.d/pm-hibernate [2]
Checking: Rhost authentication disabled in /etc/pam.d/pm-powersave [2]
Secure: Rhost authentication disabled in /etc/pam.d/pm-powersave [3]
Checking: Rhost authentication disabled in /etc/pam.d/pm-suspend [3]
Secure: Rhost authentication disabled in /etc/pam.d/pm-suspend [4]
Checking: Rhost authentication disabled in /etc/pam.d/pm-suspend-hybrid [4]
Secure: Rhost authentication disabled in /etc/pam.d/pm-suspend-hybrid [5]
Checking: Rhost authentication disabled in /etc/pam.d/poweroff [5]
Secure: Rhost authentication disabled in /etc/pam.d/poweroff [6]
Checking: Rhost authentication disabled in /etc/pam.d/ppp [6]
Secure: Rhost authentication disabled in /etc/pam.d/ppp [7]
Checking: Rhost authentication disabled in /etc/pam.d/reboot [7]
Secure: Rhost authentication disabled in /etc/pam.d/reboot [8]
Checking: Rhost authentication disabled in /etc/pam.d/remote [8]
Secure: Rhost authentication disabled in /etc/pam.d/remote [9]
Checking: Rhost authentication disabled in /etc/pam.d/run_init [9]
Secure: Rhost authentication disabled in /etc/pam.d/run_init [10]
Checking: Rhost authentication disabled in /etc/pam.d/runuser [10]
Secure: Rhost authentication disabled in /etc/pam.d/runuser [11]
Checking: Rhost authentication disabled in /etc/pam.d/runuser-l [11]
Secure: Rhost authentication disabled in /etc/pam.d/runuser-l [12]
Checking: Rhost authentication disabled in /etc/pam.d/setup [12]
Secure: Rhost authentication disabled in /etc/pam.d/setup [13]
Checking: Rhost authentication disabled in /etc/pam.d/smtp [13]
Secure: Rhost authentication disabled in /etc/pam.d/smtp [14]
Checking: Rhost authentication disabled in /etc/pam.d/smtp.sendmail [14]
Secure: Rhost authentication disabled in /etc/pam.d/smtp.sendmail [15]
Checking: Rhost authentication disabled in /etc/pam.d/sshd [15]
Secure: Rhost authentication disabled in /etc/pam.d/sshd [16]
Checking: Rhost authentication disabled in /etc/pam.d/su [16]
Secure: Rhost authentication disabled in /etc/pam.d/su [17]
Checking: Rhost authentication disabled in /etc/pam.d/sudo [17]
Secure: Rhost authentication disabled in /etc/pam.d/sudo [18]
Checking: Rhost authentication disabled in /etc/pam.d/sudo-i [18]
Secure: Rhost authentication disabled in /etc/pam.d/sudo-i [19]
Checking: Rhost authentication disabled in /etc/pam.d/su-l [19]
Secure: Rhost authentication disabled in /etc/pam.d/su-l [20]
Checking: Rhost authentication disabled in /etc/pam.d/system-auth [20]
Secure: Rhost authentication disabled in /etc/pam.d/system-auth [21]
Checking: Rhost authentication disabled in /etc/pam.d/system-auth-ac [21]
Secure: Rhost authentication disabled in /etc/pam.d/system-auth-ac [22]
Checking: Rhost authentication disabled in /etc/pam.d/system-config-network [22]
Secure: Rhost authentication disabled in /etc/pam.d/system-config-network [23]
Checking: Rhost authentication disabled in /etc/pam.d/system-config-network-cmd [23]
Secure: Rhost authentication disabled in /etc/pam.d/system-config-network-cmd [24]
Checking: Rhost authentication disabled in /etc/pam.d/vmtoolsd [24]
Secure: Rhost authentication disabled in /etc/pam.d/vmtoolsd [25]
Checking: Rhosts files
Checking: File /.rhosts does not exist
Secure: File /.rhosts does not exist [26]
Checking: File /.shosts does not exist
Secure: File /.shosts does not exist [27]
Checking: File /etc/hosts.equiv does not exist
Secure: File /etc/hosts.equiv does not exist [28]
Checking: For .netrc files
Secure: File /root/.netrc does not exist [29]
Secure: File /bin/.netrc does not exist [30]
Secure: File /sbin/.netrc does not exist [31]
Secure: File /var/adm/.netrc does not exist [32]
Secure: File /var/spool/lpd/.netrc does not exist [33]
Secure: File /sbin/.netrc does not exist [34]
Secure: File /sbin/.netrc does not exist [35]
Secure: File /sbin/.netrc does not exist [36]
Secure: File /var/spool/mail/.netrc does not exist [37]
Secure: File /etc/news/.netrc does not exist [38]
Secure: File /var/spool/uucp/.netrc does not exist [39]
Secure: File /root/.netrc does not exist [40]
Secure: File /usr/games/.netrc does not exist [41]
Secure: File /var/gopher/.netrc does not exist [42]
Secure: File /var/ftp/.netrc does not exist [43]
Secure: File /.netrc does not exist [44]
Secure: File /.netrc does not exist [45]
Secure: File /dev/.netrc does not exist [46]
Secure: File /var/arpwatch/.netrc does not exist [47]
Secure: File /.netrc does not exist [48]
Secure: File /.netrc does not exist [49]
Secure: File /var/spool/mqueue/.netrc does not exist [50]
Secure: File /var/spool/mqueue/.netrc does not exist [51]
Secure: File /var/empty/sshd/.netrc does not exist [52]
Secure: File /.netrc does not exist [53]
Secure: File /var/lib/avahi-autoipd/.netrc does not exist [54]
Secure: File /var/lib/nfs/.netrc does not exist [55]
Secure: File /var/lib/nfs/.netrc does not exist [56]
Secure: File /home/sysadmin/.netrc does not exist [57]
Warning: No Authentication required for single usermode [56]
Checking: Value of "SINGLE" in /etc/sysconfig/init is "/sbin/sulogin"
Warning: Parameter "SINGLE" not set to "/sbin/sulogin" in /etc/sysconfig/init [55]
Checking: Value of "PROMPT" in /etc/sysconfig/init is "no"
Warning: Parameter "PROMPT" not set to "no" in /etc/sysconfig/init [54]
Checking: File permissions on /etc/sysconfig/init
Warning: File /etc/sysconfig/init has incorrect permissions [53]
Checking: System accounting is enabled
Warning: System accounting not enabled [52]
Checking: Parameter "-f 1" is set in /etc/audit/audit.rules
Warning: Parameter "-f 1" does not exist in /etc/audit/audit.rules [51]
Checking: Parameter "-a always,exit -F arch=b32 -S adjtimex -S settimeofday -S stime -k time-change" is set in /etc/audit/audit.rules
Warning: Parameter "-a always,exit -F arch=b32 -S adjtimex -S settimeofday -S stime -k time-change" does not exist in /etc/audit/audit.rules [50]
Checking: Parameter "-a always,exit -F arch=b64 -S adjtimex -S settimeofday -k time-change" is set in /etc/audit/audit.rules
Warning: Parameter "-a always,exit -F arch=b64 -S adjtimex -S settimeofday -k time-change" does not exist in /etc/audit/audit.rules [49]
Checking: Parameter "-a always,exit -F arch=b32 -S clock_settime -k time-change" is set in /etc/audit/audit.rules
Warning: Parameter "-a always,exit -F arch=b32 -S clock_settime -k time-change" does not exist in /etc/audit/audit.rules [48]
Checking: Parameter "-a always,exit -F arch=b64 -S clock_settime -k time-change" is set in /etc/audit/audit.rules
Warning: Parameter "-a always,exit -F arch=b64 -S clock_settime -k time-change" does not exist in /etc/audit/audit.rules [47]
Checking: Parameter "-w /etc/localtime -p wa -k time-change" is set in /etc/audit/audit.rules
Warning: Parameter "-w /etc/localtime -p wa -k time-change" does not exist in /etc/audit/audit.rules [46]
Checking: Parameter "-w /etc/group -p wa -k identity" is set in /etc/audit/audit.rules
Warning: Parameter "-w /etc/group -p wa -k identity" does not exist in /etc/audit/audit.rules [45]
Checking: Parameter "-w /etc/passwd -p wa -k identity" is set in /etc/audit/audit.rules
Warning: Parameter "-w /etc/passwd -p wa -k identity" does not exist in /etc/audit/audit.rules [44]
Checking: Parameter "-w /etc/gshadow -p wa -k identity" is set in /etc/audit/audit.rules
Warning: Parameter "-w /etc/gshadow -p wa -k identity" does not exist in /etc/audit/audit.rules [43]
Checking: Parameter "-w /etc/shadow -p wa -k identity" is set in /etc/audit/audit.rules
Warning: Parameter "-w /etc/shadow -p wa -k identity" does not exist in /etc/audit/audit.rules [42]
Checking: Parameter "-w /etc/security/opasswd -p wa -k identity" is set in /etc/audit/audit.rules
Warning: Parameter "-w /etc/security/opasswd -p wa -k identity" does not exist in /etc/audit/audit.rules [41]
Checking: Parameter "-a exit,always -F arch=b32 -S sethostname -S setdomainname -k system-locale" is set in /etc/audit/audit.rules
Warning: Parameter "-a exit,always -F arch=b32 -S sethostname -S setdomainname -k system-locale" does not exist in /etc/audit/audit.rules [40]
Checking: Parameter "-a exit,always -F arch=b64 -S sethostname -S setdomainname -k system-locale" is set in /etc/audit/audit.rules
Warning: Parameter "-a exit,always -F arch=b64 -S sethostname -S setdomainname -k system-locale" does not exist in /etc/audit/audit.rules [39]
Checking: Parameter "-w /etc/issue -p wa -k system-locale" is set in /etc/audit/audit.rules
Warning: Parameter "-w /etc/issue -p wa -k system-locale" does not exist in /etc/audit/audit.rules [38]
Checking: Parameter "-w /etc/issue.net -p wa -k system-locale" is set in /etc/audit/audit.rules
Warning: Parameter "-w /etc/issue.net -p wa -k system-locale" does not exist in /etc/audit/audit.rules [37]
Checking: Parameter "-w /etc/hosts -p wa -k system-locale" is set in /etc/audit/audit.rules
Warning: Parameter "-w /etc/hosts -p wa -k system-locale" does not exist in /etc/audit/audit.rules [36]
Checking: Parameter "-w /etc/sysconfig/network -p wa -k system-locale" is set in /etc/audit/audit.rules
Warning: Parameter "-w /etc/sysconfig/network -p wa -k system-locale" does not exist in /etc/audit/audit.rules [35]
Checking: Parameter "-w /etc/selinux/ -p wa -k MAC-policy" is set in /etc/audit/audit.rules
Warning: Parameter "-w /etc/selinux/ -p wa -k MAC-policy" does not exist in /etc/audit/audit.rules [34]
Checking: Parameter "-w /var/log/faillog -p wa -k logins" is set in /etc/audit/audit.rules
Warning: Parameter "-w /var/log/faillog -p wa -k logins" does not exist in /etc/audit/audit.rules [33]
Checking: Parameter "-w /var/log/lastlog -p wa -k logins" is set in /etc/audit/audit.rules
Warning: Parameter "-w /var/log/lastlog -p wa -k logins" does not exist in /etc/audit/audit.rules [32]
Checking: Parameter "-w /var/run/utmp -p wa -k session" is set in /etc/audit/audit.rules
Warning: Parameter "-w /var/run/utmp -p wa -k session" does not exist in /etc/audit/audit.rules [31]
Checking: Parameter "-w /var/log/btmp -p wa -k session" is set in /etc/audit/audit.rules
Warning: Parameter "-w /var/log/btmp -p wa -k session" does not exist in /etc/audit/audit.rules [30]
Checking: Parameter "-w /var/log/wtmp -p wa -k session" is set in /etc/audit/audit.rules
Warning: Parameter "-w /var/log/wtmp -p wa -k session" does not exist in /etc/audit/audit.rules [29]
Checking: Parameter "-a always,exit -F arch=b32 -S chmod -S fchmod -S fchmodat -F auid>=500 -F auid!=4294967295 -k perm_mod" is set in /etc/audit/audit.rules
Warning: Parameter "-a always,exit -F arch=b32 -S chmod -S fchmod -S fchmodat -F auid>=500 -F auid!=4294967295 -k perm_mod" does not exist in /etc/audit/audit.rules [28]
Checking: Parameter "-a always,exit -F arch=b64 -S chmod -S fchmod -S fchmodat -F auid>=500 -F auid!=4294967295 -k perm_mod" is set in /etc/audit/audit.rules
Warning: Parameter "-a always,exit -F arch=b64 -S chmod -S fchmod -S fchmodat -F auid>=500 -F auid!=4294967295 -k perm_mod" does not exist in /etc/audit/audit.rules [27]
Checking: Parameter "-a always,exit -F arch=b32 -S chown -S fchown -S fchownat -S lchown -F auid>=500 - F auid!=4294967295 -k perm_mod" is set in /etc/audit/audit.rules
Warning: Parameter "-a always,exit -F arch=b32 -S chown -S fchown -S fchownat -S lchown -F auid>=500 - F auid!=4294967295 -k perm_mod" does not exist in /etc/audit/audit.rules [26]
Checking: Parameter "-a always,exit -F arch=b64 -S chown -S fchown -S fchownat -S lchown -F auid>=500 - F auid!=4294967295 -k perm_mod" is set in /etc/audit/audit.rules
Warning: Parameter "-a always,exit -F arch=b64 -S chown -S fchown -S fchownat -S lchown -F auid>=500 - F auid!=4294967295 -k perm_mod" does not exist in /etc/audit/audit.rules [25]
Checking: Parameter "-a always,exit -F arch=b32 -S setxattr -S lsetxattr -S fsetxattr -S removexattr -S lremovexattr -S fremovexattr -F auid>=500 -F auid!=4294967295 -k perm_mod" is set in /etc/audit/audit.rules
Warning: Parameter "-a always,exit -F arch=b32 -S setxattr -S lsetxattr -S fsetxattr -S removexattr -S lremovexattr -S fremovexattr -F auid>=500 -F auid!=4294967295 -k perm_mod" does not exist in /etc/audit/audit.rules [24]
Checking: Parameter "-a always,exit -F arch=b64 -S setxattr -S lsetxattr -S fsetxattr -S removexattr -S lremovexattr -S fremovexattr -F auid>=500 -F auid!=4294967295 -k perm_mod" is set in /etc/audit/audit.rules
Warning: Parameter "-a always,exit -F arch=b64 -S setxattr -S lsetxattr -S fsetxattr -S removexattr -S lremovexattr -S fremovexattr -F auid>=500 -F auid!=4294967295 -k perm_mod" does not exist in /etc/audit/audit.rules [23]
Checking: Parameter "-a always,exit -F arch=b32 -S creat -S open -S openat -S truncate -S ftruncate -F exit=-EACCES -F auid>=500 -F auid!=4294967295 -k access" is set in /etc/audit/audit.rules
Warning: Parameter "-a always,exit -F arch=b32 -S creat -S open -S openat -S truncate -S ftruncate -F exit=-EACCES -F auid>=500 -F auid!=4294967295 -k access" does not exist in /etc/audit/audit.rules [22]
Checking: Parameter "-a always,exit -F arch=b32 -S creat -S open -S openat -S truncate -S ftruncate -F exit=-EPERM -F auid>=500 -F auid!=4294967295 -k access" is set in /etc/audit/audit.rules
Warning: Parameter "-a always,exit -F arch=b32 -S creat -S open -S openat -S truncate -S ftruncate -F exit=-EPERM -F auid>=500 -F auid!=4294967295 -k access" does not exist in /etc/audit/audit.rules [21]
Checking: Parameter "-a always,exit -F arch=b64 -S creat -S open -S openat -S truncate -S ftruncate -F exit=-EACCES -F auid>=500 -F auid!=4294967295 -k access" is set in /etc/audit/audit.rules
Warning: Parameter "-a always,exit -F arch=b64 -S creat -S open -S openat -S truncate -S ftruncate -F exit=-EACCES -F auid>=500 -F auid!=4294967295 -k access" does not exist in /etc/audit/audit.rules [20]
Checking: Parameter "-a always,exit -F arch=b64 -S creat -S open -S openat -S truncate -S ftruncate -F exit=-EPERM -F auid>=500 -F auid!=4294967295 -k access" is set in /etc/audit/audit.rules
Warning: Parameter "-a always,exit -F arch=b64 -S creat -S open -S openat -S truncate -S ftruncate -F exit=-EPERM -F auid>=500 -F auid!=4294967295 -k access" does not exist in /etc/audit/audit.rules [19]
Checking: Parameter "-a always,exit -F arch=b32 -S mount -F auid>=500 -F auid!=4294967295 -k export" is set in /etc/audit/audit.rules
Warning: Parameter "-a always,exit -F arch=b32 -S mount -F auid>=500 -F auid!=4294967295 -k export" does not exist in /etc/audit/audit.rules [18]
Checking: Parameter "-a always,exit -F arch=b64 -S mount -F auid>=500 -F auid!=4294967295 -k export" is set in /etc/audit/audit.rules
Warning: Parameter "-a always,exit -F arch=b64 -S mount -F auid>=500 -F auid!=4294967295 -k export" does not exist in /etc/audit/audit.rules [17]
Checking: Parameter "-a always,exit -F arch=b32 -S unlink -S unlinkat -S rename -S renameat -F auid>=500 -F auid!=4294967295 -k delete" is set in /etc/audit/audit.rules
Warning: Parameter "-a always,exit -F arch=b32 -S unlink -S unlinkat -S rename -S renameat -F auid>=500 -F auid!=4294967295 -k delete" does not exist in /etc/audit/audit.rules [16]
Checking: Parameter "-a always,exit -F arch=b64 -S unlink -S unlinkat -S rename -S renameat -F auid>=500 -F auid!=4294967295 -k delete" is set in /etc/audit/audit.rules
Warning: Parameter "-a always,exit -F arch=b64 -S unlink -S unlinkat -S rename -S renameat -F auid>=500 -F auid!=4294967295 -k delete" does not exist in /etc/audit/audit.rules [15]
Checking: Parameter "-w /etc/sudoers -p wa -k scope" is set in /etc/audit/audit.rules
Warning: Parameter "-w /etc/sudoers -p wa -k scope" does not exist in /etc/audit/audit.rules [14]
Checking: Parameter "-w /etc/sudoers -p wa -k actions" is set in /etc/audit/audit.rules
Warning: Parameter "-w /etc/sudoers -p wa -k actions" does not exist in /etc/audit/audit.rules [13]
Checking: Parameter "-w /sbin/insmod -p x -k modules" is set in /etc/audit/audit.rules
Warning: Parameter "-w /sbin/insmod -p x -k modules" does not exist in /etc/audit/audit.rules [12]
Checking: Parameter "-w /sbin/rmmod -p x -k modules" is set in /etc/audit/audit.rules
Warning: Parameter "-w /sbin/rmmod -p x -k modules" does not exist in /etc/audit/audit.rules [11]
Checking: Parameter "-w /sbin/modprobe -p x -k modules" is set in /etc/audit/audit.rules
Warning: Parameter "-w /sbin/modprobe -p x -k modules" does not exist in /etc/audit/audit.rules [10]
Checking: Parameter "-a always,exit -S init_module -S delete_module -k modules" is set in /etc/audit/audit.rules
Warning: Parameter "-a always,exit -S init_module -S delete_module -k modules" does not exist in /etc/audit/audit.rules [9]
Checking: Parameter "-a always,exit -F arch=b64 -S mount -F auid>=500 -F auid!=4294967295 -k mounts" is set in /etc/audit/audit.rules
Warning: Parameter "-a always,exit -F arch=b64 -S mount -F auid>=500 -F auid!=4294967295 -k mounts" does not exist in /etc/audit/audit.rules [8]
Checking: Parameter "-a always,exit -F arch=b32 -S mount -F auid>=500 -F auid!=4294967295 -k mounts" is set in /etc/audit/audit.rules
Warning: Parameter "-a always,exit -F arch=b32 -S mount -F auid>=500 -F auid!=4294967295 -k mounts" does not exist in /etc/audit/audit.rules [7]
Checking: Parameter "" is set in /etc/audit/audit.rules
Secure: Parameter "" exists in /etc/audit/audit.rules [8]
Checking: Parameter "space_left_action = email" is set in /etc/audit/audit.rules
Warning: Parameter "space_left_action = email" does not exist in /etc/audit/audit.rules [7]
Checking: Parameter "action_mail_acct = email" is set in /etc/audit/audit.rules
Warning: Parameter "action_mail_acct = email" does not exist in /etc/audit/audit.rules [6]
Checking: Parameter "admin_space_left_action = email" is set in /etc/audit/audit.rules
Warning: Parameter "admin_space_left_action = email" does not exist in /etc/audit/audit.rules [5]
Checking: Parameter "max_log_file = MB" is set in /etc/audit/audit.rules
Warning: Parameter "max_log_file = MB" does not exist in /etc/audit/audit.rules [4]
Checking: Parameter "max_log_file_action = keep_logs" is set in /etc/audit/audit.rules
Warning: Parameter "max_log_file_action = keep_logs" does not exist in /etc/audit/audit.rules [3]
Checking: Parameter "-e 2" is set in /etc/audit/audit.rules
Warning: Parameter "-e 2" does not exist in /etc/audit/audit.rules [2]
Checking: Service sysstat at run level 3
Notice: Service sysstat is not installed [3]
Checking: Service sysstat at run level 5
Notice: Service sysstat is not installed [4]
Checking: Service sysstat at run level 3
Notice: Service sysstat is not installed [5]
Checking: Service sysstat at run level 5
Notice: Service sysstat is not installed [6]
Checking: Value of "ALL" in /etc/hosts.deny is " ALL"
Warning: Parameter "ALL" not set to " ALL" in /etc/hosts.deny [5]
Checking: Value of "ALL" in /etc/hosts.allow is " localhost"
Warning: Parameter "ALL" not set to " localhost" in /etc/hosts.allow [4]
Checking: Value of "ALL" in /etc/hosts.allow is " 127.0.0.1"
Warning: Parameter "ALL" not set to " 127.0.0.1" in /etc/hosts.allow [3]
Checking: For nullok entry in /etc/pam.d/system-auth
Warning: Found nullok entry in /etc/pam.d/system-auth [2]
Checking: File /etc/security/opasswd exists
Secure: File /etc/security/opasswd exists [1]
Checking: File permissions on /etc/security/opasswd
Secure: File /etc/security/opasswd has correct permissions [2]
Checking: Password entry remember set to 10 in /etc/pam.d/system-auth
Warning: Password entry remember is not set to 10 in /etc/pam.d/system-auth [1]
Checking: Auth entry not enabled in /etc/pam.d/system-auth
Warning: Auth entry not enabled in /etc/pam.d/system-auth [0]
Checking: Account reset entry not enabled in /etc/pam.d/system-auth
Warning: Account reset entry not enabled in /etc/pam.d/system-auth [-1]
Checking: Password minlen is set to 9 in /etc/pam.d/system-auth
Warning: Password minlen is not set to 9 in /etc/pam.d/system-auth [-2]
Checking: Password dcredit is set to -1 in /etc/pam.d/system-auth
Warning: Password dcredit is not set to -1 in /etc/pam.d/system-auth [-3]
Checking: Password lcredit is set to -1 in /etc/pam.d/system-auth
Warning: Password lcredit is not set to -1 in /etc/pam.d/system-auth [-4]
Checking: Password ocredit is set to -1 in /etc/pam.d/system-auth
Warning: Password ocredit is not set to -1 in /etc/pam.d/system-auth [-5]
Checking: Password ucredit is set to -1 in /etc/pam.d/system-auth
Warning: Password ucredit is not set to -1 in /etc/pam.d/system-auth [-6]
Checking: Password minimum strength enabled in /etc/pam.d/system-auth
Warning: Password strength settings not enabled in /etc/pam.d/system-auth [-7]
Checking: Lockout time for failed password attempts enabled in /etc/pam.d/system-auth
Warning: Lockout time for failed password attempts not enabled in /etc/pam.d/system-auth [-8]
Checking: Lockout for failed password attempts enabled in /etc/pam.d/system-auth
Warning: Lockout for failed password attempts not enabled in /etc/pam.d/system-auth [-9]
Checking: Value of "PASS_MAX_DAYS" in /etc/login.defs is "90"
Warning: Parameter "PASS_MAX_DAYS" not set to "90" in /etc/login.defs [-10]
Checking: Value of "PASS_MIN_DAYS" in /etc/login.defs is "7"
Warning: Parameter "PASS_MIN_DAYS" not set to "7" in /etc/login.defs [-11]
Checking: Value of "PASS_WARN_AGE" in /etc/login.defs is "14"
Warning: Parameter "PASS_WARN_AGE" not set to "14" in /etc/login.defs [-12]
Checking: Value of "PASS_MIN_LEN" in /etc/login.defs is "9"
Warning: Parameter "PASS_MIN_LEN" not set to "9" in /etc/login.defs [-13]
Checking: File permissions on /etc/login.defs
Warning: File /etc/login.defs has incorrect permissions [-14]
Checking: File permissions on /etc/group
Secure: File /etc/group has correct permissions [-13]
Checking: File permissions on /etc/passwd
Secure: File /etc/passwd has correct permissions [-12]
Checking: File permissions on /etc/gshadow
Secure: File /etc/gshadow has correct permissions [-11]
Checking: File permissions on /etc/shadow
Secure: File /etc/shadow has correct permissions [-10]
Checking: Wheel group membership required for su in /etc/pam.d/su
Warning: Wheel group membership not required for su in /etc/pam.d/su [-11]
Checking: Password hashing is set to sha512
Warning: Password hashing not set to sha512 [-12]
Checking: Value of "net.ipv4.conf.default.secure_redirects" in /etc/sysctl.conf is "0"
Warning: Parameter "net.ipv4.conf.default.secure_redirects" not set to "0" in /etc/sysctl.conf [-13]
Checking: Value of "net.ipv4.conf.all.secure_redirects" in /etc/sysctl.conf is "0"
Warning: Parameter "net.ipv4.conf.all.secure_redirects" not set to "0" in /etc/sysctl.conf [-14]
Checking: Value of "net.ipv4.icmp_echo_ignore_broadcasts" in /etc/sysctl.conf is "1"
Warning: Parameter "net.ipv4.icmp_echo_ignore_broadcasts" not set to "1" in /etc/sysctl.conf [-15]
Checking: Value of "net.ipv4.conf.all.accept_redirects" in /etc/sysctl.conf is "0"
Warning: Parameter "net.ipv4.conf.all.accept_redirects" not set to "0" in /etc/sysctl.conf [-16]
Checking: Value of "net.ipv4.conf.default.accept_redirects" in /etc/sysctl.conf is "0"
Warning: Parameter "net.ipv4.conf.default.accept_redirects" not set to "0" in /etc/sysctl.conf [-17]
Checking: Value of "net.ipv4.tcp_syncookies" in /etc/sysctl.conf is "1"
Secure: Parameter "net.ipv4.tcp_syncookies" already set to "1" in /etc/sysctl.conf [-16]
Checking: Value of "net.ipv4.tcp_max_syn_backlog" in /etc/sysctl.conf is "4096"
Warning: Parameter "net.ipv4.tcp_max_syn_backlog" not set to "4096" in /etc/sysctl.conf [-17]
Checking: Value of "net.ipv4.conf.all.rp_filter" in /etc/sysctl.conf is "1"
Warning: Parameter "net.ipv4.conf.all.rp_filter" not set to "1" in /etc/sysctl.conf [-18]
Checking: Value of "net.ipv4.conf.default.rp_filter" in /etc/sysctl.conf is "1"
Secure: Parameter "net.ipv4.conf.default.rp_filter" already set to "1" in /etc/sysctl.conf [-17]
Checking: Value of "net.ipv4.conf.all.accept_source_route" in /etc/sysctl.conf is "0"
Warning: Parameter "net.ipv4.conf.all.accept_source_route" not set to "0" in /etc/sysctl.conf [-18]
Checking: Value of "net.ipv4.conf.default.accept_source_route" in /etc/sysctl.conf is "0"
Secure: Parameter "net.ipv4.conf.default.accept_source_route" already set to "0" in /etc/sysctl.conf [-17]
Checking: Value of "net.ipv4.tcp_max_orphans" in /etc/sysctl.conf is "256"
Warning: Parameter "net.ipv4.tcp_max_orphans" not set to "256" in /etc/sysctl.conf [-18]
Checking: Value of "net.ipv4.conf.all.log_martians" in /etc/sysctl.conf is "1"
Warning: Parameter "net.ipv4.conf.all.log_martians" not set to "1" in /etc/sysctl.conf [-19]
Checking: Value of "net.ipv4.ip_forward" in /etc/sysctl.conf is "0"
Secure: Parameter "net.ipv4.ip_forward" already set to "0" in /etc/sysctl.conf [-18]
Checking: Value of "net.ipv4.conf.all.send_redirects" in /etc/sysctl.conf is "0"
Warning: Parameter "net.ipv4.conf.all.send_redirects" not set to "0" in /etc/sysctl.conf [-19]
Checking: Value of "net.ipv4.conf.default.send_redirects" in /etc/sysctl.conf is "0"
Warning: Parameter "net.ipv4.conf.default.send_redirects" not set to "0" in /etc/sysctl.conf [-20]
Checking: Value of "net.ipv4.icmp_ignore_bogus_error_responses" in /etc/sysctl.conf is "1"
Warning: Parameter "net.ipv4.icmp_ignore_bogus_error_responses" not set to "1" in /etc/sysctl.conf [-21]
Checking: Value of "net.ipv6.conf.default.accept_redirects" in /etc/sysctl.conf is "0"
Warning: Parameter "net.ipv6.conf.default.accept_redirects" not set to "0" in /etc/sysctl.conf [-22]
Checking: Value of "net.ipv6.conf.default.accept_ra" in /etc/sysctl.conf is "0"
Warning: Parameter "net.ipv6.conf.default.accept_ra" not set to "0" in /etc/sysctl.conf [-23]
Checking: Value of "kernel.randomize_va_space" in /etc/sysctl.conf is "1"
Warning: Parameter "kernel.randomize_va_space" not set to "1" in /etc/sysctl.conf [-24]
Checking: Value of "kernel.exec-shield" in /etc/sysctl.conf is "1"
Warning: Parameter "kernel.exec-shield" not set to "1" in /etc/sysctl.conf [-25]
Checking: Value of "fs.suid.dumpable" in /etc/sysctl.conf is "0"
Warning: Parameter "fs.suid.dumpable" not set to "0" in /etc/sysctl.conf [-26]
Checking: Parameter "* hard core 0" is set in /etc/security/limits.conf
Warning: Parameter "* hard core 0" does not exist in /etc/security/limits.conf [-27]
Checking: File permissions on /etc/security/limits.conf
Warning: File /etc/security/limits.conf has incorrect permissions [-28]
Checking: Parameter "echo 1 > /proc/sys/net/ipv4/tcp_syncookies" is set in /etc/rc.d/local
Warning: Parameter "echo 1 > /proc/sys/net/ipv4/tcp_syncookies" does not exist in /etc/rc.d/local [-29]
Checking: File permissions on /etc/rc.d/local
Notice: File /etc/rc.d/local does not exist [-28]
Checking: Parameter "install tipc /bin/true" is set in /etc/modprobe.conf
Warning: Parameter "install tipc /bin/true" does not exist in /etc/modprobe.conf [-29]
Checking: Parameter "install rds /bin/true" is set in /etc/modprobe.conf
Warning: Parameter "install rds /bin/true" does not exist in /etc/modprobe.conf [-30]
Checking: Parameter "install sctp /bin/true" is set in /etc/modprobe.conf
Warning: Parameter "install sctp /bin/true" does not exist in /etc/modprobe.conf [-31]
Checking: Parameter "install dccp /bin/true" is set in /etc/modprobe.conf
Warning: Parameter "install dccp /bin/true" does not exist in /etc/modprobe.conf [-32]
Secure: No unconfined daemons [-31]
Checking: Value of "SELINUX" in /etc/selinux/config is "enforcing"
Warning: Parameter "SELINUX" not set to "enforcing" in /etc/selinux/config [-32]
Checking: Value of "SELINUXTYPE" in /etc/selinux/config is "targeted"
Secure: Parameter "SELINUXTYPE" already set to "targeted" in /etc/selinux/config [-31]
Checking: Service sendmail at run level 3
Notice: Service sendmail is not installed [-30]
Checking: Service sendmail at run level 5
Notice: Service sendmail is not installed [-29]
Checking: Value of "DAEMON" in /etc/sysconfig/sendmail is "no"
Warning: Parameter "DAEMON" not set to "no" in /etc/sysconfig/sendmail [-30]
Checking: Value of "QUEUE" in /etc/sysconfig/sendmail is "1h"
Secure: Parameter "QUEUE" already set to "1h" in /etc/sysconfig/sendmail [-29]
Checking: Mail transfer agent is running in local-only mode
Secure: Mail transfer agent is running in local-only mode [-28]
Secure: No version information in sendmail greeting [-27]
Checking: Parameter "O HelpFile" in /etc/mail/sendmail.cf is disabled
Secure: No help information in sendmail greeting [-26]
Checking: File permissions on /etc/mail/sendmail.cf
Warning: File /etc/mail/sendmail.cf has incorrect permissions [-27]
Checking: Parameter "decode" in /etc/aliases is disabled
Checking: File permissions on /etc/aliases
Secure: File /etc/aliases has correct permissions [-26]
Checking: Service cyrus at run level 3
Notice: Service cyrus is not installed [-25]
Checking: Service cyrus at run level 3
Notice: Service cyrus is not installed [-24]
Checking: Service imapd at run level 3
Notice: Service imapd is not installed [-23]
Checking: Service imapd at run level 3
Notice: Service imapd is not installed [-22]
Checking: Service qpopper at run level 3
Notice: Service qpopper is not installed [-21]
Checking: Service qpopper at run level 3
Notice: Service qpopper is not installed [-20]
Checking: File permissions on /root
Warning: File /root has incorrect permissions [-21]
Checking: Primary group for root is root
Secure: Primary group for root is root [-20]
Checking: Root SSH keys
Secure: Keys file /root/.ssh/authorized_keys does not exist
Secure: Keys file /root/.ssh/authorized_keys2 does not exist
Checking: Value of "mesg" in /etc/.login is "n"
Warning: Parameter "mesg" not set to "n" in /etc/.login [-19]
Checking: Value of "mesg" in /etc/profile is "n"
Warning: Parameter "mesg" not set to "n" in /etc/profile [-20]
Checking: Value of "mesg" in /etc/skel/.bash_profile is "n"
Warning: Parameter "mesg" not set to "n" in /etc/skel/.bash_profile [-21]
Checking: Value of "mesg" in /etc/skel/.bashrc is "n"
Warning: Parameter "mesg" not set to "n" in /etc/skel/.bashrc [-22]
Checking: Groups in passwd file exist in group file
Secure: No non existant group issues [-21]
Checking: User home directory permissions
Checking: File permissions on /home/sysadmin
Secure: File /home/sysadmin has correct permissions [-20]
Checking: Ownership of home directories
Secure: No ownership issues with home directories [-19]
Checking: For users with duplicate name
Secure: No users with duplicate name [-18]
Checking: For users with duplicate id
Secure: No users with duplicate id [-17]
Checking: For groups with duplicate name
Secure: No groups with duplicate name [-16]
Checking: For groups with duplicate id
Secure: No groups with duplicate id [-15]
Checking: User dot file permissions
Checking: File permissions on /root/.bash_history
Secure: File /root/.bash_history has correct permissions [-14]
Checking: File permissions on /root/.bash_logout
Warning: File /root/.bash_logout has incorrect permissions [-15]
Checking: File permissions on /root/.bash_profile
Warning: File /root/.bash_profile has incorrect permissions [-16]
Checking: File permissions on /root/.bashrc
Warning: File /root/.bashrc has incorrect permissions [-17]
Checking: File permissions on /root/.cshrc
Warning: File /root/.cshrc has incorrect permissions [-18]
Checking: File permissions on /root/.tcshrc
Warning: File /root/.tcshrc has incorrect permissions [-19]
Checking: File permissions on /root/.bash_history
Secure: File /root/.bash_history has correct permissions [-18]
Checking: File permissions on /root/.bash_logout
Warning: File /root/.bash_logout has incorrect permissions [-19]
Checking: File permissions on /root/.bash_profile
Warning: File /root/.bash_profile has incorrect permissions [-20]
Checking: File permissions on /root/.bashrc
Warning: File /root/.bashrc has incorrect permissions [-21]
Checking: File permissions on /root/.cshrc
Warning: File /root/.cshrc has incorrect permissions [-22]
Checking: File permissions on /root/.tcshrc
Warning: File /root/.tcshrc has incorrect permissions [-23]
Checking: File permissions on /home/sysadmin/.bash_history
Secure: File /home/sysadmin/.bash_history has correct permissions [-22]
Checking: File permissions on /home/sysadmin/.bash_logout
Warning: File /home/sysadmin/.bash_logout has incorrect permissions [-23]
Checking: File permissions on /home/sysadmin/.bash_profile
Warning: File /home/sysadmin/.bash_profile has incorrect permissions [-24]
Checking: File permissions on /home/sysadmin/.bashrc
Warning: File /home/sysadmin/.bashrc has incorrect permissions [-25]
Checking: For .forward files
Secure: File /root/.forward does not exist [-24]
Secure: File /bin/.forward does not exist [-23]
Secure: File /sbin/.forward does not exist [-22]
Secure: File /var/adm/.forward does not exist [-21]
Secure: File /var/spool/lpd/.forward does not exist [-20]
Secure: File /sbin/.forward does not exist [-19]
Secure: File /sbin/.forward does not exist [-18]
Secure: File /sbin/.forward does not exist [-17]
Secure: File /var/spool/mail/.forward does not exist [-16]
Secure: File /etc/news/.forward does not exist [-15]
Secure: File /var/spool/uucp/.forward does not exist [-14]
Secure: File /root/.forward does not exist [-13]
Secure: File /usr/games/.forward does not exist [-12]
Secure: File /var/gopher/.forward does not exist [-11]
Secure: File /var/ftp/.forward does not exist [-10]
Secure: File /.forward does not exist [-9]
Secure: File /.forward does not exist [-8]
Secure: File /dev/.forward does not exist [-7]
Secure: File /var/arpwatch/.forward does not exist [-6]
Secure: File /.forward does not exist [-5]
Secure: File /.forward does not exist [-4]
Secure: File /var/spool/mqueue/.forward does not exist [-3]
Secure: File /var/spool/mqueue/.forward does not exist [-2]
Secure: File /var/empty/sshd/.forward does not exist [-1]
Secure: File /.forward does not exist [0]
Secure: File /var/lib/avahi-autoipd/.forward does not exist [1]
Secure: File /var/lib/nfs/.forward does not exist [2]
Secure: File /var/lib/nfs/.forward does not exist [3]
Secure: File /home/sysadmin/.forward does not exist [4]
Checking: Root PATH
Secure: No empty directory in PATH [5]
Secure: No trailing : in PATH [6]
Secure: Group write permission not set on directory /usr/kerberos/sbin [7]
Secure: Other write permission not set on directory /usr/kerberos/sbin [8]
Secure: Group write permission not set on directory /usr/kerberos/bin [9]
Secure: Other write permission not set on directory /usr/kerberos/bin [10]
Secure: Group write permission not set on directory /usr/local/sbin [11]
Secure: Other write permission not set on directory /usr/local/sbin [12]
Secure: Group write permission not set on directory /usr/local/bin [13]
Secure: Other write permission not set on directory /usr/local/bin [14]
Secure: Group write permission not set on directory /sbin [15]
Secure: Other write permission not set on directory /sbin [16]
Secure: Group write permission not set on directory /bin [17]
Secure: Other write permission not set on directory /bin [18]
Secure: Group write permission not set on directory /usr/sbin [19]
Secure: Other write permission not set on directory /usr/sbin [20]
Secure: Group write permission not set on directory /usr/bin [21]
Secure: Other write permission not set on directory /usr/bin [22]
Checking: Primary group for root is root
Secure: Primary group for root is root [23]
Checking: Value of "umask" in /etc/.login is "077"
Warning: Parameter "umask" not set to "077" in /etc/.login [22]
Checking: Value of "umask" in /etc/profile is "077"
Warning: Parameter "umask" not set to "077" in /etc/profile [21]
Checking: Value of "umask" in /etc/skel/.bash_profile is "077"
Warning: Parameter "umask" not set to "077" in /etc/skel/.bash_profile [20]
Checking: Value of "UMASK" in /etc/bashrc is "077"
Warning: Parameter "UMASK" not set to "077" in /etc/bashrc [19]
Checking: Value of "UMASK" in /etc/skel/.bashrc is "077"
Warning: Parameter "UMASK" not set to "077" in /etc/skel/.bashrc [18]
Checking: Password fields
Secure: No empty password entries
Checking: Whether reserved UUIDs are assigned to system accounts
Warning: User avahi-autoipd has a reserved UID (100) [18]
Checking: Super users other than root
Secure: No accounts other than root have UID 0 [20]
Checking: Value of "umask" in /etc/sysconfig/init is "027"
Warning: Parameter "umask" not set to "027" in /etc/sysconfig/init [19]
Checking: File permissions on /etc/crontab
Warning: File /etc/crontab has incorrect permissions [18]
Checking: File permissions on /var/spool/cron
Warning: File /var/spool/cron has incorrect permissions [17]
Checking: File permissions on /etc/cron.daily
Warning: File /etc/cron.daily has incorrect permissions [16]
Checking: File permissions on /etc/cron.weekly
Warning: File /etc/cron.weekly has incorrect permissions [15]
Checking: File permissions on /etc/cron.mounthly
Notice: File /etc/cron.mounthly does not exist [16]
Checking: File permissions on /etc/cron.hourly
Warning: File /etc/cron.hourly has incorrect permissions [15]
Checking: File permissions on /etc/anacrontab
Warning: File /etc/anacrontab has incorrect permissions [14]
Checking: Wheel group exists in /etc/group
Warning: Wheel group does not exist in /etc/group [13]
Checking: File permissions on /bin/su
Warning: File /bin/su has incorrect permissions [12]
Secure: No user has never logged in and their account is not locked [13]
Checking: System accounts have valid shells
Warning: System account news has an invalid shell
Checking: Service iscsi at run level 3
Notice: Service iscsi is not installed [13]
Checking: Service iscsi at run level 5
Notice: Service iscsi is not installed [14]
Checking: Service iscsd at run level 3
Notice: Service iscsd is not installed [15]
Checking: Service iscsd at run level 5
Notice: Service iscsd is not installed [16]
Checking: Service pcscd at run level 3
Notice: Service pcscd is not installed [17]
Checking: Service pcscd at run level 5
Notice: Service pcscd is not installed [18]
Checking: Service haldaemon at run level 3
Notice: Service haldaemon is not installed [19]
Checking: Service haldaemon at run level 5
Notice: Service haldaemon is not installed [20]
Checking: Service kudzu at run level 3
Notice: Service kudzu is not installed [21]
Checking: Service kudzu at run level 5
Notice: Service kudzu is not installed [22]
Checking: Service apmd at run level 3
Notice: Service apmd is not installed [23]
Checking: Service apmd at run level 5
Notice: Service apmd is not installed [24]
Checking: Service xend at run level 3
Notice: Service xend is not installed [25]
Checking: Service xend at run level 5
Notice: Service xend is not installed [26]
Checking: Service xendomains at run level 3
Notice: Service xendomains is not installed [27]
Checking: Service xendomains at run level 5
Notice: Service xendomains is not installed [28]
Checking: Service xfs at run level 3
Notice: Service xfs is not installed [29]
Checking: Service xfs at run level 5
Notice: Service xfs is not installed [30]
Checking: Service vncserver at run level 3
Notice: Service vncserver is not installed [31]
Checking: Service vncserver at run level 5
Notice: Service vncserver is not installed [32]
Checking: Service yppasswdd at run level 3
Notice: Service yppasswdd is not installed [33]
Checking: Service yppasswdd at run level 5
Notice: Service yppasswdd is not installed [34]
Checking: Service ypserv at run level 3
Notice: Service ypserv is not installed [35]
Checking: Service ypserv at run level 5
Notice: Service ypserv is not installed [36]
Checking: Service ypxfrd at run level 3
Notice: Service ypxfrd is not installed [37]
Checking: Service ypxfrd at run level 5
Notice: Service ypxfrd is not installed [38]
Checking: Service ypbind at run level 3
Notice: Service ypbind is not installed [39]
Checking: Service ypbind at run level 5
Notice: Service ypbind is not installed [40]
Checking: Service ldap at run level 3
Notice: Service ldap is not installed [41]
Checking: Service ldap at run level 5
Notice: Service ldap is not installed [42]
Checking: Service nscd at run level 3
Notice: Service nscd is not installed [43]
Checking: Service nscd at run level 5
Notice: Service nscd is not installed [44]
Checking: Service avahi at run level 3
Notice: Service avahi is not installed [45]
Checking: Service avahi at run level 5
Notice: Service avahi is not installed [46]
Checking: Service avahi-autoipd at run level 3
Notice: Service avahi-autoipd is not installed [47]
Checking: Service avahi-autoipd at run level 5
Notice: Service avahi-autoipd is not installed [48]
Checking: Service avahi-daemon at run level 3
Notice: Service avahi-daemon is not installed [49]
Checking: Service avahi-daemon at run level 5
Notice: Service avahi-daemon is not installed [50]
Checking: Service avahi-dnsconfd at run level 3
Notice: Service avahi-dnsconfd is not installed [51]
Checking: Service avahi-dnsconfd at run level 5
Notice: Service avahi-dnsconfd is not installed [52]
Checking: Service named at run level 3
Notice: Service named is not installed [53]
Checking: Service named at run level 5
Notice: Service named is not installed [54]
Checking: Service kadmin at run level 3
Notice: Service kadmin is not installed [55]
Checking: Service kadmin at run level 5
Notice: Service kadmin is not installed [56]
Checking: Service kprop at run level 3
Notice: Service kprop is not installed [57]
Checking: Service kprop at run level 5
Notice: Service kprop is not installed [58]
Checking: Service krb524 at run level 3
Notice: Service krb524 is not installed [59]
Checking: Service krb524 at run level 5
Notice: Service krb524 is not installed [60]
Checking: Service krb5kdc at run level 3
Notice: Service krb5kdc is not installed [61]
Checking: Service krb5kdc at run level 5
Notice: Service krb5kdc is not installed [62]
Checking: Legacy NIS '+' entries
Secure: No NIS entries in /etc/passwd [63]
Secure: No NIS entries in /etc/shadow [64]
Secure: No NIS entries in /etc/group [65]
Checking: Value of "disable-user-service-publishing" in /etc/avahi/avahi-daemon.conf is "yes"
Warning: Parameter "disable-user-service-publishing" not set to "yes" in /etc/avahi/avahi-daemon.conf [64]
Checking: Value of "disable-publishing" in /etc/avahi/avahi-daemon.conf is "yes"
Warning: Parameter "disable-publishing" not set to "yes" in /etc/avahi/avahi-daemon.conf [63]
Checking: Value of "publish-address" in /etc/avahi/avahi-daemon.conf is "no"
Warning: Parameter "publish-address" not set to "no" in /etc/avahi/avahi-daemon.conf [62]
Checking: Value of "publish-binfo" in /etc/avahi/avahi-daemon.conf is "no"
Warning: Parameter "publish-binfo" not set to "no" in /etc/avahi/avahi-daemon.conf [61]
Checking: Value of "publish-workstation" in /etc/avahi/avahi-daemon.conf is "no"
Warning: Parameter "publish-workstation" not set to "no" in /etc/avahi/avahi-daemon.conf [60]
Checking: Value of "publish-domain" in /etc/avahi/avahi-daemon.conf is "no"
Warning: Parameter "publish-domain" not set to "no" in /etc/avahi/avahi-daemon.conf [59]
Checking: Value of "disallow-other-stacks" in /etc/avahi/avahi-daemon.conf is "yes"
Warning: Parameter "disallow-other-stacks" not set to "yes" in /etc/avahi/avahi-daemon.conf [58]
Checking: Value of "check-response-ttl" in /etc/avahi/avahi-daemon.conf is "yes"
Warning: Parameter "check-response-ttl" not set to "yes" in /etc/avahi/avahi-daemon.conf [57]
Checking: Service autofs at run level 3
Notice: Service autofs is not installed [58]
Checking: Service autofs at run level 5
Notice: Service autofs is not installed [59]
Secure: No filesystem that should be mounted with nodev [60]
Checking: File permissions on /etc/fstab
Secure: File /etc/fstab has correct permissions [61]
Secure: User mountable filesystems disabled [62]
Checking: File permissions on /usr/share/hal/fdi/policy/20thirdparty/floppycdrom.fdi
Secure: File /usr/share/hal/fdi/policy/20thirdparty/floppycdrom.fdi has correct permissions [63]
Checking: Service nfs at run level 3
Notice: Service nfs is not installed [64]
Checking: Service nfs at run level 5
Notice: Service nfs is not installed [65]
Checking: Service nfslock at run level 3
Notice: Service nfslock is not installed [66]
Checking: Service nfslock at run level 5
Notice: Service nfslock is not installed [67]
Checking: Service portmap at run level 3
Notice: Service portmap is not installed [68]
Checking: Service portmap at run level 5
Notice: Service portmap is not installed [69]
Checking: Service rpc at run level 3
Notice: Service rpc is not installed [70]
Checking: Service rpc at run level 5
Notice: Service rpc is not installed [71]
Checking: Service httpd at run level 3
Notice: Service httpd is not installed [72]
Checking: Service httpd at run level 5
Notice: Service httpd is not installed [73]
Checking: Service apache at run level 3
Notice: Service apache is not installed [74]
Checking: Service apache at run level 5
Notice: Service apache is not installed [75]
Checking: Service tomcat5 at run level 3
Notice: Service tomcat5 is not installed [76]
Checking: Service tomcat5 at run level 5
Notice: Service tomcat5 is not installed [77]
Checking: Service squid at run level 3
Notice: Service squid is not installed [78]
Checking: Service squid at run level 5
Notice: Service squid is not installed [79]
Checking: Service prixovy at run level 3
Notice: Service prixovy is not installed [80]
Checking: Service prixovy at run level 5
Notice: Service prixovy is not installed [81]
Checking: Service bgpd at run level 3
Notice: Service bgpd is not installed [82]
Checking: Service bgpd at run level 5
Notice: Service bgpd is not installed [83]
Checking: Service ospf6d at run level 3
Notice: Service ospf6d is not installed [84]
Checking: Service ospf6d at run level 5
Notice: Service ospf6d is not installed [85]
Checking: Service ospfd at run level 3
Notice: Service ospfd is not installed [86]
Checking: Service ospfd at run level 5
Notice: Service ospfd is not installed [87]
Checking: Service ripd at run level 3
Notice: Service ripd is not installed [88]
Checking: Service ripd at run level 5
Notice: Service ripd is not installed [89]
Checking: Service ripngd at run level 3
Notice: Service ripngd is not installed [90]
Checking: Service ripngd at run level 5
Notice: Service ripngd is not installed [91]
Checking: Service smb at run level 3
Notice: Service smb is not installed [92]
Checking: Service smb at run level 5
Notice: Service smb is not installed [93]
Checking: Service rarpd at run level 3
Notice: Service rarpd is not installed [94]
Checking: Service rarpd at run level 5
Notice: Service rarpd is not installed [95]
Checking: Service winbind at run level 3
Notice: Service winbind is not installed [96]
Checking: Service winbind at run level 5
Notice: Service winbind is not installed [97]
Checking: Service xinetd at run level 3
Notice: Service xinetd is not installed [98]
Checking: Service xinetd at run level 5
Notice: Service xinetd is not installed [99]
Checking: Service wu-ftpd at run level 3
Notice: Service wu-ftpd is not installed [100]
Checking: Service wu-ftpd at run level 5
Notice: Service wu-ftpd is not installed [101]
Checking: Service ftp at run level 3
Notice: Service ftp is not installed [102]
Checking: Service ftp at run level 5
Notice: Service ftp is not installed [103]
Checking: Service vsftpd at run level 3
Notice: Service vsftpd is not installed [104]
Checking: Service vsftpd at run level 5
Notice: Service vsftpd is not installed [105]
Checking: Service aaeventd at run level 3
Notice: Service aaeventd is not installed [106]
Checking: Service aaeventd at run level 5
Notice: Service aaeventd is not installed [107]
Checking: Service tftp at run level 3
Notice: Service tftp is not installed [108]
Checking: Service tftp at run level 5
Notice: Service tftp is not installed [109]
Checking: Service acpid at run level 3
Notice: Service acpid is not installed [110]
Checking: Service acpid at run level 5
Notice: Service acpid is not installed [111]
Checking: Service amd at run level 3
Notice: Service amd is not installed [112]
Checking: Service amd at run level 5
Notice: Service amd is not installed [113]
Checking: Service arptables_jg at run level 3
Notice: Service arptables_jg is not installed [114]
Checking: Service arptables_jg at run level 5
Notice: Service arptables_jg is not installed [115]
Checking: Service arpwatch at run level 3
Notice: Service arpwatch is not installed [116]
Checking: Service arpwatch at run level 5
Notice: Service arpwatch is not installed [117]
Checking: Service atd at run level 3
Notice: Service atd is not installed [118]
Checking: Service atd at run level 5
Notice: Service atd is not installed [119]
Checking: Service netfs at run level 3
Notice: Service netfs is not installed [120]
Checking: Service netfs at run level 5
Notice: Service netfs is not installed [121]
Checking: Service irda at run level 3
Notice: Service irda is not installed [122]
Checking: Service irda at run level 5
Notice: Service irda is not installed [123]
Checking: Service isdn at run level 3
Notice: Service isdn is not installed [124]
Checking: Service isdn at run level 5
Notice: Service isdn is not installed [125]
Checking: Service bluetooth at run level 3
Notice: Service bluetooth is not installed [126]
Checking: Service bluetooth at run level 5
Notice: Service bluetooth is not installed [127]
Checking: Service capi at run level 3
Notice: Service capi is not installed [128]
Checking: Service capi at run level 5
Notice: Service capi is not installed [129]
Checking: Service conman at run level 3
Notice: Service conman is not installed [130]
Checking: Service conman at run level 5
Notice: Service conman is not installed [131]
Checking: Service cpuspeed at run level 3
Notice: Service cpuspeed is not installed [132]
Checking: Service cpuspeed at run level 5
Notice: Service cpuspeed is not installed [133]
Checking: Service cryrus-imapd at run level 3
Notice: Service cryrus-imapd is not installed [134]
Checking: Service cryrus-imapd at run level 5
Notice: Service cryrus-imapd is not installed [135]
Checking: Service dc_client at run level 3
Notice: Service dc_client is not installed [136]
Checking: Service dc_client at run level 5
Notice: Service dc_client is not installed [137]
Checking: Service dc_server at run level 3
Notice: Service dc_server is not installed [138]
Checking: Service dc_server at run level 5
Notice: Service dc_server is not installed [139]
Checking: Service dhcdbd at run level 3
Notice: Service dhcdbd is not installed [140]
Checking: Service dhcdbd at run level 5
Notice: Service dhcdbd is not installed [141]
Checking: Service dhcp6s at run level 3
Notice: Service dhcp6s is not installed [142]
Checking: Service dhcp6s at run level 5
Notice: Service dhcp6s is not installed [143]
Checking: Service dhcrelay at run level 3
Notice: Service dhcrelay is not installed [144]
Checking: Service dhcrelay at run level 5
Notice: Service dhcrelay is not installed [145]
Checking: Service chargen at run level 3
Notice: Service chargen is not installed [146]
Checking: Service chargen at run level 5
Notice: Service chargen is not installed [147]
Checking: Service chargen-udp at run level 3
Notice: Service chargen-udp is not installed [148]
Checking: Service chargen-udp at run level 5
Notice: Service chargen-udp is not installed [149]
Checking: Service dovecot at run level 3
Notice: Service dovecot is not installed [150]
Checking: Service dovecot at run level 5
Notice: Service dovecot is not installed [151]
Checking: Service dund at run level 3
Notice: Service dund is not installed [152]
Checking: Service dund at run level 5
Notice: Service dund is not installed [153]
Checking: Service gpm at run level 3
Notice: Service gpm is not installed [154]
Checking: Service gpm at run level 5
Notice: Service gpm is not installed [155]
Checking: Service hidd at run level 3
Notice: Service hidd is not installed [156]
Checking: Service hidd at run level 5
Notice: Service hidd is not installed [157]
Checking: Service hplip at run level 3
Notice: Service hplip is not installed [158]
Checking: Service hplip at run level 5
Notice: Service hplip is not installed [159]
Checking: Service ibmasm at run level 3
Notice: Service ibmasm is not installed [160]
Checking: Service ibmasm at run level 5
Notice: Service ibmasm is not installed [161]
Checking: Service innd at run level 3
Notice: Service innd is not installed [162]
Checking: Service innd at run level 5
Notice: Service innd is not installed [163]
Checking: Service ip6tables at run level 3
Notice: Service ip6tables is not installed [164]
Checking: Service ip6tables at run level 5
Notice: Service ip6tables is not installed [165]
Checking: Service lisa at run level 3
Notice: Service lisa is not installed [166]
Checking: Service lisa at run level 5
Notice: Service lisa is not installed [167]
Checking: Service lm_sensors at run level 3
Notice: Service lm_sensors is not installed [168]
Checking: Service lm_sensors at run level 5
Notice: Service lm_sensors is not installed [169]
Checking: Service mailman at run level 3
Notice: Service mailman is not installed [170]
Checking: Service mailman at run level 5
Notice: Service mailman is not installed [171]
Checking: Service mctrans at run level 3
Notice: Service mctrans is not installed [172]
Checking: Service mctrans at run level 5
Notice: Service mctrans is not installed [173]
Checking: Service mdmonitor at run level 3
Notice: Service mdmonitor is not installed [174]
Checking: Service mdmonitor at run level 5
Notice: Service mdmonitor is not installed [175]
Checking: Service mdmpd at run level 3
Notice: Service mdmpd is not installed [176]
Checking: Service mdmpd at run level 5
Notice: Service mdmpd is not installed [177]
Checking: Service microcode_ctl at run level 3
Notice: Service microcode_ctl is not installed [178]
Checking: Service microcode_ctl at run level 5
Notice: Service microcode_ctl is not installed [179]
Checking: Service mysqld at run level 3
Notice: Service mysqld is not installed [180]
Checking: Service mysqld at run level 5
Notice: Service mysqld is not installed [181]
Checking: Service netplugd at run level 3
Notice: Service netplugd is not installed [182]
Checking: Service netplugd at run level 5
Notice: Service netplugd is not installed [183]
Checking: Service network at run level 3
Notice: Service network is not installed [184]
Checking: Service network at run level 5
Notice: Service network is not installed [185]
Checking: Service NetworkManager at run level 3
Notice: Service NetworkManager is not installed [186]
Checking: Service NetworkManager at run level 5
Notice: Service NetworkManager is not installed [187]
Checking: Service openibd at run level 3
Notice: Service openibd is not installed [188]
Checking: Service openibd at run level 5
Notice: Service openibd is not installed [189]
Checking: Service pand at run level 3
Notice: Service pand is not installed [190]
Checking: Service pand at run level 5
Notice: Service pand is not installed [191]
Checking: Service postfix at run level 3
Notice: Service postfix is not installed [192]
Checking: Service postfix at run level 5
Notice: Service postfix is not installed [193]
Checking: Service psacct at run level 3
Notice: Service psacct is not installed [194]
Checking: Service psacct at run level 5
Notice: Service psacct is not installed [195]
Checking: Service mutipathd at run level 3
Notice: Service mutipathd is not installed [196]
Checking: Service mutipathd at run level 5
Notice: Service mutipathd is not installed [197]
Checking: Service daytime at run level 3
Notice: Service daytime is not installed [198]
Checking: Service daytime at run level 5
Notice: Service daytime is not installed [199]
Checking: Service daytime-udp at run level 3
Notice: Service daytime-udp is not installed [200]
Checking: Service daytime-udp at run level 5
Notice: Service daytime-udp is not installed [201]
Checking: Service radiusd at run level 3
Notice: Service radiusd is not installed [202]
Checking: Service radiusd at run level 5
Notice: Service radiusd is not installed [203]
Checking: Service radvd at run level 3
Notice: Service radvd is not installed [204]
Checking: Service radvd at run level 5
Notice: Service radvd is not installed [205]
Checking: Service rdisc at run level 3
Notice: Service rdisc is not installed [206]
Checking: Service rdisc at run level 5
Notice: Service rdisc is not installed [207]
Checking: Service readahead_early at run level 3
Notice: Service readahead_early is not installed [208]
Checking: Service readahead_early at run level 5
Notice: Service readahead_early is not installed [209]
Checking: Service readahead_later at run level 3
Notice: Service readahead_later is not installed [210]
Checking: Service readahead_later at run level 5
Notice: Service readahead_later is not installed [211]
Checking: Service rhnsd at run level 3
Notice: Service rhnsd is not installed [212]
Checking: Service rhnsd at run level 5
Notice: Service rhnsd is not installed [213]
Checking: Service rpcgssd at run level 3
Notice: Service rpcgssd is not installed [214]
Checking: Service rpcgssd at run level 5
Notice: Service rpcgssd is not installed [215]
Checking: Service rpcimapd at run level 3
Notice: Service rpcimapd is not installed [216]
Checking: Service rpcimapd at run level 5
Notice: Service rpcimapd is not installed [217]
Checking: Service rpcsvcgssd at run level 3
Notice: Service rpcsvcgssd is not installed [218]
Checking: Service rpcsvcgssd at run level 5
Notice: Service rpcsvcgssd is not installed [219]
Checking: Service rstatd at run level 3
Notice: Service rstatd is not installed [220]
Checking: Service rstatd at run level 5
Notice: Service rstatd is not installed [221]
Checking: Service rusersd at run level 3
Notice: Service rusersd is not installed [222]
Checking: Service rusersd at run level 5
Notice: Service rusersd is not installed [223]
Checking: Service rwhod at run level 3
Notice: Service rwhod is not installed [224]
Checking: Service rwhod at run level 5
Notice: Service rwhod is not installed [225]
Checking: Service saslauthd at run level 3
Notice: Service saslauthd is not installed [226]
Checking: Service saslauthd at run level 5
Notice: Service saslauthd is not installed [227]
Checking: Service settroubleshoot at run level 3
Notice: Service settroubleshoot is not installed [228]
Checking: Service settroubleshoot at run level 5
Notice: Service settroubleshoot is not installed [229]
Checking: Service smartd at run level 3
Notice: Service smartd is not installed [230]
Checking: Service smartd at run level 5
Notice: Service smartd is not installed [231]
Checking: Service spamassasin at run level 3
Notice: Service spamassasin is not installed [232]
Checking: Service spamassasin at run level 5
Notice: Service spamassasin is not installed [233]
Checking: Service echo at run level 3
Notice: Service echo is not installed [234]
Checking: Service echo at run level 5
Notice: Service echo is not installed [235]
Checking: Service echo-udp at run level 3
Notice: Service echo-udp is not installed [236]
Checking: Service echo-udp at run level 5
Notice: Service echo-udp is not installed [237]
Checking: Service time at run level 3
Notice: Service time is not installed [238]
Checking: Service time at run level 5
Notice: Service time is not installed [239]
Checking: Service time-udp at run level 3
Notice: Service time-udp is not installed [240]
Checking: Service time-udp at run level 5
Notice: Service time-udp is not installed [241]
Checking: Service vnc at run level 3
Notice: Service vnc is not installed [242]
Checking: Service vnc at run level 5
Notice: Service vnc is not installed [243]
Checking: Service svcgssd at run level 3
Notice: Service svcgssd is not installed [244]
Checking: Service svcgssd at run level 5
Notice: Service svcgssd is not installed [245]
Checking: Service rpmconfigcheck at run level 3
Notice: Service rpmconfigcheck is not installed [246]
Checking: Service rpmconfigcheck at run level 5
Notice: Service rpmconfigcheck is not installed [247]
Checking: Service rsh at run level 3
Notice: Service rsh is not installed [248]
Checking: Service rsh at run level 5
Notice: Service rsh is not installed [249]
Checking: Service rsync at run level 3
Notice: Service rsync is not installed [250]
Checking: Service rsync at run level 5
Notice: Service rsync is not installed [251]
Checking: Service rsyncd at run level 3
Notice: Service rsyncd is not installed [252]
Checking: Service rsyncd at run level 5
Notice: Service rsyncd is not installed [253]
Checking: Service saslauthd at run level 3
Notice: Service saslauthd is not installed [254]
Checking: Service saslauthd at run level 5
Notice: Service saslauthd is not installed [255]
Checking: Service powerd at run level 3
Notice: Service powerd is not installed [256]
Checking: Service powerd at run level 5
Notice: Service powerd is not installed [257]
Checking: Service raw at run level 3
Notice: Service raw is not installed [258]
Checking: Service raw at run level 5
Notice: Service raw is not installed [259]
Checking: Service rexec at run level 3
Notice: Service rexec is not installed [260]
Checking: Service rexec at run level 5
Notice: Service rexec is not installed [261]
Checking: Service rlogin at run level 3
Notice: Service rlogin is not installed [262]
Checking: Service rlogin at run level 5
Notice: Service rlogin is not installed [263]
Checking: Service rpasswdd at run level 3
Notice: Service rpasswdd is not installed [264]
Checking: Service rpasswdd at run level 5
Notice: Service rpasswdd is not installed [265]
Checking: Service openct at run level 3
Notice: Service openct is not installed [266]
Checking: Service openct at run level 5
Notice: Service openct is not installed [267]
Checking: Service ipxmount at run level 3
Notice: Service ipxmount is not installed [268]
Checking: Service ipxmount at run level 5
Notice: Service ipxmount is not installed [269]
Checking: Service joystick at run level 3
Notice: Service joystick is not installed [270]
Checking: Service joystick at run level 5
Notice: Service joystick is not installed [271]
Checking: Service esound at run level 3
Notice: Service esound is not installed [272]
Checking: Service esound at run level 5
Notice: Service esound is not installed [273]
Checking: Service evms at run level 3
Notice: Service evms is not installed [274]
Checking: Service evms at run level 5
Notice: Service evms is not installed [275]
Checking: Service fam at run level 3
Notice: Service fam is not installed [276]
Checking: Service fam at run level 5
Notice: Service fam is not installed [277]
Checking: Service gpm at run level 3
Notice: Service gpm is not installed [278]
Checking: Service gpm at run level 5
Notice: Service gpm is not installed [279]
Checking: Service gssd at run level 3
Notice: Service gssd is not installed [280]
Checking: Service gssd at run level 5
Notice: Service gssd is not installed [281]
Checking: Service pcscd at run level 3
Notice: Service pcscd is not installed [282]
Checking: Service pcscd at run level 5
Notice: Service pcscd is not installed [283]
Checking: Service tog-pegasus at run level 3
Notice: Service tog-pegasus is not installed [284]
Checking: Service tog-pegasus at run level 5
Notice: Service tog-pegasus is not installed [285]
Checking: Service tux at run level 3
Notice: Service tux is not installed [286]
Checking: Service tux at run level 5
Notice: Service tux is not installed [287]
Checking: Service wpa_supplicant at run level 3
Notice: Service wpa_supplicant is not installed [288]
Checking: Service wpa_supplicant at run level 5
Notice: Service wpa_supplicant is not installed [289]
Checking: Service zebra at run level 3
Notice: Service zebra is not installed [290]
Checking: Service zebra at run level 5
Notice: Service zebra is not installed [291]
Checking: Service ncpfs at run level 3
Notice: Service ncpfs is not installed [292]
Checking: Service ncpfs at run level 5
Notice: Service ncpfs is not installed [293]
Checking: File permissions on /var/log/boot.log
Warning: File /var/log/boot.log has incorrect permissions [292]
Checking: File permissions on /var/log/cron
Warning: File /var/log/cron has incorrect permissions [291]
Checking: File permissions on /var/log/dmesg
Warning: File /var/log/dmesg has incorrect permissions [290]
Checking: File permissions on /var/log/lastlog
Warning: File /var/log/lastlog has incorrect permissions [289]
Checking: File permissions on /var/log/maillog
Warning: File /var/log/maillog has incorrect permissions [288]
Checking: File permissions on /var/log/messages
Warning: File /var/log/messages has incorrect permissions [287]
Checking: File permissions on /var/log/secure
Warning: File /var/log/secure has incorrect permissions [286]
Checking: File permissions on /var/log/spooler
Warning: File /var/log/spooler has incorrect permissions [285]
Checking: File permissions on /var/log/wtmp
Warning: File /var/log/wtmp has incorrect permissions [284]
Checking: Value of "authpriv.*" in /etc/syslog.conf is "/var/log/secure"
Warning: Parameter "authpriv.*" not set to "/var/log/secure" in /etc/syslog.conf [283]
Checking: Value of "auth.*" in /etc/syslog.conf is "/var/log/messages"
Warning: Parameter "auth.*" not set to "/var/log/messages" in /etc/syslog.conf [282]
Checking: Service kdump at run level 3
Notice: Service kdump is not installed [283]
Checking: Service kdump at run level 5
Notice: Service kdump is not installed [284]
Checking: Logrotate is set up
Secure: Log rotate is configured [285]
Checking: NTP is enabled
Warning: NTP not enabled [284]
Checking: Service ntp at run level 3
Notice: Service ntp is not installed [285]
Checking: Service ntp at run level 5
Notice: Service ntp is not installed [286]
Checking: Parameter "restrict default kod nomodify nopeer notrap noquery" is set in /etc/ntp.conf
Warning: Parameter "restrict default kod nomodify nopeer notrap noquery" does not exist in /etc/ntp.conf [285]
Checking: Parameter "restrict -6 default kod nomodify nopeer notrap noquery" is set in /etc/ntp.conf
Warning: Parameter "restrict -6 default kod nomodify nopeer notrap noquery" does not exist in /etc/ntp.conf [284]
Checking: Value of "OPTIONS" in /etc/ntp.conf is "-u ntp:ntp -p /var/run/ntpd.pid"
Warning: Parameter "OPTIONS" not set to "-u ntp:ntp -p /var/run/ntpd.pid" in /etc/ntp.conf [283]
Checking: Service ipmi at run level 3
Notice: Service ipmi is not installed [284]
Checking: Service ipmi at run level 5
Notice: Service ipmi is not installed [285]
Checking: Service bootparamd at run level 3
Notice: Service bootparamd is not installed [286]
Checking: Service bootparamd at run level 5
Notice: Service bootparamd is not installed [287]
Checking: Service tftp at run level 3
Notice: Service tftp is not installed [288]
Checking: Service tftp at run level 5
Notice: Service tftp is not installed [289]
Checking: Service postgresql at run level 3
Notice: Service postgresql is not installed [290]
Checking: Service postgresql at run level 5
Notice: Service postgresql is not installed [291]
Checking: Value of "gpgcheck" in /etc/yum.conf is "1"
Secure: Parameter "gpgcheck" already set to "1" in /etc/yum.conf [292]
Tests: 673
Score: 292