hubblestack/nova

CIS CentOS 7 - CIS-3.6

Closed this issue · 1 comments

Currently the centos-7-level-1-scored-v1.yaml is looking for the following

selection_112

But per the CIS https://benchmarks.cisecurity.org/tools2/linux/CIS_CentOS_Linux_7_Benchmark_v1.1.0.pdf

The audit should be looking for the following lines

    restrict default kod nomodify notrap nopeer noquery
    restrict -6 default kod nomodify notrap nopeer noquery

selection_113

Right now the audit is looking for

    CentOS Linux-7:
    - /etc/ntp.conf:
        pattern: restrict default
        tag: CIS-3.6
    - /etc/ntp.conf:
        pattern: restrict -6 default
        tag: CIS-3.6

which, since the line contains more than just that pattern, is failing.
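A check for the full lines quoted from the benchmark, as an added example that is not part of the original issue or of hubblestack/nova: it parses `ntp.conf` text and reports which of the five flags are missing from each `restrict default` line, regardless of flag order or trailing comments. The function names, the sample configs and the rule that a flag must appear on every default line of a family are assumptions of this example.

```python
# Flags listed on both "restrict default" lines quoted in the issue.
REQUIRED_FLAGS = {"kod", "nomodify", "notrap", "nopeer", "noquery"}

def restrict_defaults(conf_text):
    """Map 'ipv4'/'ipv6' to the flag set on its 'restrict default' line, or None if absent."""
    found = {"ipv4": None, "ipv6": None}
    for raw in conf_text.splitlines():
        tokens = raw.split("#", 1)[0].split()      # drop comments, then tokenize
        if len(tokens) < 2 or tokens[0] != "restrict":
            continue
        rest, family = tokens[1:], "ipv4"
        if rest[0] in ("-4", "-6"):                # optional address-family switch
            family = "ipv6" if rest[0] == "-6" else "ipv4"
            rest = rest[1:]
        if not rest or rest[0] != "default":       # e.g. "restrict 127.0.0.1"
            continue
        flags = set(rest[1:])
        # Assumption: with several default lines, count only flags present on all of them.
        found[family] = flags if found[family] is None else found[family] & flags
    return found

def audit_cis_3_6(conf_text):
    """Per family: [] = all flags present, list = missing flags, None = no default line."""
    return {fam: None if flags is None else sorted(REQUIRED_FLAGS - flags)
            for fam, flags in restrict_defaults(conf_text).items()}

# Constructed sample inputs (not taken from a real host).
COMPLIANT = """\
driftfile /var/lib/ntp/drift
restrict default kod nomodify notrap nopeer noquery
restrict -6 default noquery nopeer notrap nomodify kod  # order does not matter
restrict 127.0.0.1
"""
WEAK = """\
restrict default nomodify notrap
#restrict -6 default kod nomodify notrap nopeer noquery
"""

if __name__ == "__main__":
    for name, conf in (("COMPLIANT", COMPLIANT), ("WEAK", WEAK)):
        print(name, audit_cis_3_6(conf))
```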

Is this one actually not an issue? Wanted to make sure you intended to close it.