Detections
Analytics

Item Search

NameAudit NamePluginCategory
1 - Application specific logging - start.jar --module=loggingTNS Best Practice Jetty 9 LinuxUnix
2 - Remove or Disable Example Content - enable-welcome-rootTNS Best Practice JBoss 7 LinuxUnix

CONFIGURATION MANAGEMENT

2 - Specify file handler in jetty-logging.properties files - org.eclipse.jetty.LEVEL=INFOTNS Best Practice Jetty 9 LinuxUnix

AUDIT AND ACCOUNTABILITY

2 - Specify file handler in jetty-logging.properties files - org.eclipse.jetty.util.log.class=org.eclipse.jetty.util.log.StrErrLogTNS Best Practice Jetty 9 LinuxUnix

AUDIT AND ACCOUNTABILITY

3 - Audit Logging - LoggerTNS Best Practice JBoss 7 LinuxUnix

AUDIT AND ACCOUNTABILITY

3 - Configure log file size limit - SettingsTNS Best Practice Jetty 9 LinuxUnix

AUDIT AND ACCOUNTABILITY

7 - SSL implementation - start.ini --module=httpTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

7 - SSL implementation - start.ini --module=httpsTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

7 - SSL implementation - start.ini --module=sslTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

7 - SSL implementation - start.jar --module=httpTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

12 - Restrict access to logs directory - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

12 - Restrict access to logs directory - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

15 - AuthenticationTNS Best Practice JBoss 7 LinuxUnix

IDENTIFICATION AND AUTHENTICATION

15 - Restrict access to web application directory - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

16 - ORB Subsystem - Initializers OnTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

16 - Restrict access to JETTY.policy - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

17 - Restrict access to JETTY.properties - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

19 - Restrict access to logging.properties - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

20 - Enable EncryptionTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

20 - Restrict access to server.xml - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

23 - Strong password policy must be establishedTNS Best Practice Jetty 9 LinuxUnix
24 - Remove extraneous files and directories - $JETTY_BASE/webapps/docTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

24 - Remove extraneous files and directories - $JETTY_BASE/webapps/servlet-exampleTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

25 - Disable Unused ConnectorsTNS Best Practice Jetty 9 LinuxUnix
34 - Ensure Web content directory is on a separate partition from the system filesTNS Best Practice Jetty 9 LinuxUnix
35 - Do not allow custom header status messagesTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND INFORMATION INTEGRITY

36 - Configure connectionTimeoutTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

38 - Force SSL for all applicationsTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

39 - Increase the entropy in session identifiersTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Adtran : Disable SSID BroadcastTNS Adtran AOS Best Practice AuditAdtran

CONFIGURATION MANAGEMENT

Adtran : Enable aaa authenticationTNS Adtran AOS Best Practice AuditAdtran

ACCESS CONTROL

Adtran : Ensure the default 'admin' username is not usedTNS Adtran AOS Best Practice AuditAdtran

ACCESS CONTROL

Adtran : Firewall - Ensure winnuke protection is enabledTNS Adtran AOS Best Practice AuditAdtran

SYSTEM AND COMMUNICATIONS PROTECTION

Adtran : Password Policy - no weak passwordsTNS Adtran AOS Best Practice AuditAdtran

IDENTIFICATION AND AUTHENTICATION

Adtran : Secure Web Access - HTTP disabledTNS Adtran AOS Best Practice AuditAdtran

CONFIGURATION MANAGEMENT

Huawei: Command Levels Not ChangedTNS Huawei VRP Best Practice AuditHuawei

CONFIGURATION MANAGEMENT

Huawei: Configure appropriate NTP serverTNS Huawei VRP Best Practice AuditHuawei

AUDIT AND ACCOUNTABILITY

Huawei: Disable Telnet on IPV4TNS Huawei VRP Best Practice AuditHuawei

CONFIGURATION MANAGEMENT

Huawei: Enable AAA authenticationTNS Huawei VRP Best Practice AuditHuawei

IDENTIFICATION AND AUTHENTICATION

Huawei: Enable SNMP TrapsTNS Huawei VRP Best Practice AuditHuawei

AUDIT AND ACCOUNTABILITY

Huawei: Insecure HTTP is not configured.TNS Huawei VRP Best Practice AuditHuawei

CONFIGURATION MANAGEMENT

Salesforce.com : User Access - 'No new users have been created since the last scan'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

WatchGuard : Authentication Settings - 'Authentication User Session Timeout'TNS Best Practice WatchGuard Audit 1.0.0WatchGuard

ACCESS CONTROL

WatchGuard : Data Loss Prevention Signature Update - 'Enabled'TNS Best Practice WatchGuard Audit 1.0.0WatchGuard

SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

WatchGuard : DoS Prevention - Block Port Space ProbesTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

SYSTEM AND COMMUNICATIONS PROTECTION

WatchGuard : DoS Prevention - Drop SYN Flood AttackTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

SYSTEM AND COMMUNICATIONS PROTECTION

WatchGuard : IPS Threat Level Action Medium - DROP or BLOCKTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

SYSTEM AND INFORMATION INTEGRITY

WatchGuard : SNMP Configuration - community string - 'public'TNS Best Practice WatchGuard Audit 1.0.0WatchGuard

IDENTIFICATION AND AUTHENTICATION

WatchGuard : SNMP Configuration - v3 user has password - auth protocolTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

ACCESS CONTROL

WatchGuard : SNMP Configuration - Version = '3'TNS Best Practice WatchGuard Audit 1.0.0WatchGuard

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY