Detections
Analytics

Item Search

NameAudit NamePluginCategory
1 - Application specific logging - start.jar --module=loggingTNS Best Practice Jetty 9 LinuxUnix
2 - Remove or Disable Example Content - enable-welcome-rootTNS Best Practice JBoss 7 LinuxUnix

CONFIGURATION MANAGEMENT

2 - Specify file handler in jetty-logging.properties files - org.eclipse.jetty.LEVEL=INFOTNS Best Practice Jetty 9 LinuxUnix

AUDIT AND ACCOUNTABILITY

2 - Specify file handler in jetty-logging.properties files - org.eclipse.jetty.util.log.class=org.eclipse.jetty.util.log.StrErrLogTNS Best Practice Jetty 9 LinuxUnix

AUDIT AND ACCOUNTABILITY

3 - Audit Logging - LoggerTNS Best Practice JBoss 7 LinuxUnix

AUDIT AND ACCOUNTABILITY

3 - Configure log file size limit - SettingsTNS Best Practice Jetty 9 LinuxUnix

AUDIT AND ACCOUNTABILITY

12 - Restrict access to logs directory - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

12 - Restrict access to logs directory - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

15 - AuthenticationTNS Best Practice JBoss 7 LinuxUnix

IDENTIFICATION AND AUTHENTICATION

15 - Restrict access to web application directory - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

16 - ORB Subsystem - Initializers OnTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

16 - Restrict access to JETTY.policy - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

17 - Restrict access to JETTY.properties - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

19 - Restrict access to logging.properties - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

20 - Enable EncryptionTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

20 - Restrict access to server.xml - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

23 - Strong password policy must be establishedTNS Best Practice Jetty 9 LinuxUnix
24 - Remove extraneous files and directories - $JETTY_BASE/webapps/docTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

24 - Remove extraneous files and directories - $JETTY_BASE/webapps/servlet-exampleTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

25 - Disable Unused ConnectorsTNS Best Practice Jetty 9 LinuxUnix
34 - Ensure Web content directory is on a separate partition from the system filesTNS Best Practice Jetty 9 LinuxUnix
35 - Do not allow custom header status messagesTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND INFORMATION INTEGRITY

Adtran : Disable SSID BroadcastTNS Adtran AOS Best Practice AuditAdtran

CONFIGURATION MANAGEMENT

Adtran : Enable aaa authenticationTNS Adtran AOS Best Practice AuditAdtran

ACCESS CONTROL

Adtran : Ensure the default 'admin' username is not usedTNS Adtran AOS Best Practice AuditAdtran

ACCESS CONTROL

Adtran : Firewall - Ensure winnuke protection is enabledTNS Adtran AOS Best Practice AuditAdtran

SYSTEM AND COMMUNICATIONS PROTECTION

Adtran : Password Policy - no weak passwordsTNS Adtran AOS Best Practice AuditAdtran

IDENTIFICATION AND AUTHENTICATION

Adtran : Secure Web Access - HTTP disabledTNS Adtran AOS Best Practice AuditAdtran

CONFIGURATION MANAGEMENT

Buffer overflow protection should be configured 'LimitRequestFields'TNS IBM HTTP Server Best PracticeUnix

SYSTEM AND INFORMATION INTEGRITY

Buffer overflow protection should be configured 'LimitRequestline'TNS IBM HTTP Server Best PracticeUnix

SYSTEM AND INFORMATION INTEGRITY

CGI-BIN directory should be disabled. 'AddModule mod_env.c'TNS IBM HTTP Server Best PracticeUnix

CONFIGURATION MANAGEMENT

Directory access permissions should be restricted.TNS IBM HTTP Server Best PracticeUnix

CONFIGURATION MANAGEMENT

Extreme : Configure idletimeout <= 15TNS Extreme ExtremeXOS Best Practice AuditExtreme_ExtremeXOS

ACCESS CONTROL

Extreme : Configure max-failed-logins <= 3TNS Extreme ExtremeXOS Best Practice AuditExtreme_ExtremeXOS

ACCESS CONTROL

Extreme : Disable TelnetTNS Extreme ExtremeXOS Best Practice AuditExtreme_ExtremeXOS

CONFIGURATION MANAGEMENT

Extreme : Password Policy - char-validationTNS Extreme ExtremeXOS Best Practice AuditExtreme_ExtremeXOS

IDENTIFICATION AND AUTHENTICATION

Extreme : Password Policy - min-length >= 8TNS Extreme ExtremeXOS Best Practice AuditExtreme_ExtremeXOS

IDENTIFICATION AND AUTHENTICATION

HTTP TRACE method should be disabled. 'RewriteLog'TNS IBM HTTP Server Best PracticeUnix

CONFIGURATION MANAGEMENT

Huawei: Configure appropriate External Syslog serverTNS Huawei VRP Best Practice AuditHuawei

AUDIT AND ACCOUNTABILITY

Huawei: Enable AAA accountingTNS Huawei VRP Best Practice AuditHuawei

IDENTIFICATION AND AUTHENTICATION

Huawei: Simple Password Authentication is not used.TNS Huawei VRP Best Practice AuditHuawei

IDENTIFICATION AND AUTHENTICATION

Keep Alive Timeout setting value should be appropriately configured.TNS IBM HTTP Server Best PracticeUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Logging Directives should be restricted to authorized users. - 'LogLevel notice'TNS IBM HTTP Server Best PracticeUnix

AUDIT AND ACCOUNTABILITY

Logs containing auditing information should be secured at the directory level.TNS IBM HTTP Server Best PracticeWindows

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

MinSpareServers parameter value should be appropriately configured.TNS IBM HTTP Server Best PracticeWindows

SYSTEM AND COMMUNICATIONS PROTECTION

Non-Essential modules should be disabled. 'mod_include'TNS IBM HTTP Server Best PracticeWindows

CONFIGURATION MANAGEMENT

Non-Essential modules should be disabled. 'mod_status'TNS IBM HTTP Server Best PracticeUnix

CONFIGURATION MANAGEMENT

Server version information parameters should be turned off - 'ServerTokens Prod'TNS IBM HTTP Server Best PracticeUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Timeout value parameter value should be appropriately configuredTNS IBM HTTP Server Best PracticeUnix

ACCESS CONTROL

WatchGuard : SNMP Configuration - v3 uses SHA1 Auth AlgorithmTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

SYSTEM AND COMMUNICATIONS PROTECTION