Skip to content

Commit

Permalink
network section first draft
Browse files Browse the repository at this point in the history
  • Loading branch information
krispayne committed Feb 3, 2016
1 parent 8beb64f commit 7977638
Showing 1 changed file with 23 additions and 0 deletions.
23 changes: 23 additions & 0 deletions ElCapitan_CIS.sh
Original file line number Diff line number Diff line change
Expand Up @@ -307,6 +307,28 @@ networkConfigurations() {

# 4.3 Create network specific locations

# 4.4 Ensure http server is not running
# Audit:
# /bin/ps -ef | grep -i httpd
# Remediate:
# /usr/sbin/apachectl stop
# /usr/bin/defaults write /System/Library/LaunchDaemons/org.apache.httpd Disabled -bool true

# 4.5 Ensure ftp server is not running
# Audit:
# /usr/sbin/launchctl list | egrep ftp
# Remediate:
# /usr/sbin/launchctl unload -w /System/Library/LaunchDaemons/ftp.plist

# 4.6 Ensure nfs server is not running
# Audit:
# /bin/ps -ef | grep -i nfsd
# cat /etc/exports
# Remediate:
# /sbin/nfsd disable
# rm /etc/export


}

### 5 System Access, Authentication and Authorization
Expand All @@ -315,6 +337,7 @@ systemAccess() {
printf "5 System Access, Authentication and Authorization\n"

# 5.1 File System Permissions and Access Controls
printf "5.1 File System Permissions and Access Controls"

# 5.1.1 Secure Home Folders (Scored)

Expand Down

0 comments on commit 7977638

Please sign in to comment.