CIS compliance (sysctl, limits)
* CIS 1.5.1 Ensure core dumps are restricted
* CIS 1.5.3 Ensure address space layout randomization (ASLR) is enabled
* CIS 3.1.2 Ensure packet redirect sending is disabled
* CIS 3.2.1 Ensure source routed packets are not accepted
* CIS 3.2.2 Ensure ICMP redirects are not accepted
* CIS 3.2.3 Ensure secure ICMP redirects are not accepted
* CIS 3.2.4 Ensure suspicious packets are logged
* CIS 3.2.5 Ensure broadcast ICMP requests are ignored
* CIS 3.2.6 Ensure bogus ICMP responses are ignored
* CIS 3.2.7 Ensure Reverse Path Filtering is enabled
* CIS 3.2.8 Ensure TCP SYN Cookies is enabled
All sysctls are valid for Ubuntu 14.04, Ubuntu 16.04.
Change-Id: I48f34c55d97a78c253d4810db46b2a04ff5c0c1a
diff --git a/metadata/service/system/cis/init.yml b/metadata/service/system/cis/init.yml
index fa119a2..ca4bcec 100644
--- a/metadata/service/system/cis/init.yml
+++ b/metadata/service/system/cis/init.yml
@@ -1,2 +1,21 @@
classes:
+- service.linux.system.cis.cis-1-1-1-1
+- service.linux.system.cis.cis-1-1-1-2
+- service.linux.system.cis.cis-1-1-1-3
+- service.linux.system.cis.cis-1-1-1-4
+- service.linux.system.cis.cis-1-1-1-5
+- service.linux.system.cis.cis-1-1-1-6
+- service.linux.system.cis.cis-1-1-1-7
+- service.linux.system.cis.cis-1-1-1-8
+- service.linux.system.cis.cis-1-5-1
+- service.linux.system.cis.cis-1-5-3
+- service.linux.system.cis.cis-3-1-2
+- service.linux.system.cis.cis-3-2-1
+- service.linux.system.cis.cis-3-2-2
+- service.linux.system.cis.cis-3-2-3
+- service.linux.system.cis.cis-3-2-4
+- service.linux.system.cis.cis-3-2-5
+- service.linux.system.cis.cis-3-2-6
+- service.linux.system.cis.cis-3-2-7
+- service.linux.system.cis.cis-3-2-8
- service.linux.system.cis.cis-3-3-3