List of Compliance Tests

Hello. Today, Dave Tamilow did a webinar on Compliance. In that webinar, he demonstrated how a Compliance Fixlet could be set up to detect when the UNIX etc/passwd file’s ownership was altered, and how Compliance could automatically remediate that by changing it back to root.

How can I find a list of “out of the box” checks (similar to checking the ownership of etc/passwd) that are available in BigFix Compliance?

Thank you.

The checks themselves are based on standard guidelines published by various sources including CIS, DISA STIGs, etc. For a current list of all supported checklists, please see the following link:

https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli+Endpoint+Manager/page/SCM+Checklists

You can then reference the sources to see their associated checks.

Alternatively, if you have access to BigFix Compliance, you can simply subscribe to the sites of interest to view the Fixlet Content/checks.

Was there a particular checklist of interest?

Thank you! No, I am a business partner simply looking for some good specific examples other than changing the ownership of etc/passwd that would interest customers when I present to them. Is there any way to access the specific checks other than having to look at each source?

Are you asking “What checks does CIS cover?” or “Where does BigFix deviate from the CIS checklist?” - because those are two different questions.

If there are any deviations (and I don’t think there are any), they should be listed on that page or on the SCA Release Notes pages just after it in the “Table of Contents” pane on the left.

If you’re asking about the actual checklist content, we’d refer to the checklist sources (the www.cisecurity.org page for CIS checks, for instance.)
The checklists are pretty comprehensive; most have a couple hundred items to check, covering file permissions, services configurations, user rights, security configurations, etc.

I’m looking for specific examples of the tests and ability to remediate themselves, e.g. “Check owner of etc/passwd and reset to root”. Can you think of say 5 or 10 that you feel would be particularly appealing to clients? If I need to go through all of them, I’ll do that.