Recent content by Septim

Hello! I have found that Proxmox does not pass the following CIS Benchmarks: 2589 - Ensure DCCP is disabled 2590 - Ensure SCTP is disabled 2591 - Ensure RDS is disabled 2592 - Ensure TIPC is disabled Are these transport protocols necessary for the correct functioning of PVE? Thank you in advance!

Hello! I wanted to report the following CIS Benchmark fails: 2560: Ensure NFS and RPC are not enabled 2569: Ensure rsync service is not enabled 2574: Ensure telnet client is not installed Is there a reason why PVE has these services enabled by default? Cheers

Hello! I wanted to report the following CIS Benchmark fails: 2541 - Ensure message of the day is configured properly 2543 - Ensure remote login warning banner is configured properly Is there a reason why PVE does not hide this information when a user attempts to log in? Cheers

I apologize for the annoyance, and will take the complaint into account. Thanks a lot for your answers! Cheers.

Greetings. I have found that Proxmox does not pass the following CIS Benchmarks: 2536 - Ensure core dumps are restricted Is it possible to restrict core dumps without negatively impacting PVE? Thank you in advance!

Greetings. I have found that Proxmox does not pass the following CIS Benchmarks: 2534 - Ensure address space layout randomization (ASLR) is enabled Can ASLR be enabled without negatively affecting PVE? Thank you in advance!

Greetings. I have found that Proxmox does not pass the following CIS Benchmarks: 2530 - Ensure permissions on bootloader config are configured 2531 - Ensure bootloader password is set Would it be possible to configure the Bootloader configuration file as only readable by certain users, and...

Greetings. I have found that Proxmox does not pass the following CIS Benchmarks: 2528 - Ensure AIDE is installed 2529 - Ensure filesystem integrity is regularly checked Is AIDE compatible with PVE? Would installing it and taking snapshots with it affect PVE negatively in any way? Thank you in...

Greetings. I have found that PVE does not pass the following CIS Benchmarks: 2526 - Ensure sudo commands use pty 2527 - Ensure sudo log file exists Would it be possible to configure sudo to only run from a pty without negatively impacting PVE? Thanks in advance!

Greetings. I have found that PVE does not pass the following CIS Benchmark: 2524 - Disable USB Storage Does PVE require USB storages to be enabled to correctly function? Thank you in advance!

Greetings. I have found that PVE does not pass the following CIS Benchmark: 2522 - Ensure noexec option set on /dev/shm partition Would configuring the NOEXEC flag on this partition negatively impact the functioning of PVE? Thank you in advance!

Greetings. I have found that Proxmox VE does not pass the following CIS Benchmarks related to the /tmp location: 2507 - Ensure /tmp is configured 2508 - Ensure nodev option set on /tmp partition 2509 - Ensure nosuid option set on /tmp partition 2510 - Ensure noexec option set on /tmp partition...

Greetings. I have found that Proxmox does not pass the following CIS Benchmarks: 2500 - Ensure mounting of freevxfs filesystems is disabled 2501 - Ensure mounting of jffs2 filesystems is disabled 2502 - Ensure mounting of hfs filesystems is disabled 2503 - Ensure mounting of hfsplus filesystems...