Detections
Analytics

Item Search

NameAudit NamePluginCategory
1 - Application specific loggingTNS Best Practice Jetty 9 LinuxUnix
3 - Configure log file size limit - org.eclipse.jetty.server.handler.RequestLogHandlerTNS Best Practice Jetty 9 LinuxUnix

AUDIT AND ACCOUNTABILITY

4 - Restrict access to $JETTY_HOME - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

7 - SSL implementation - start.jar --module=deployTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

8 - Secure DatasourcesTNS Best Practice JBoss 7 LinuxUnix

CONFIGURATION MANAGEMENT

10 - Enable SSL ConnectorTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

11 - Access Control - JAASTNS Best Practice Jetty 9 LinuxUnix
12 - Remove and mask informational headers - Server Property OverrideTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

13 - Disable stacktrace in response bodyTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND INFORMATION INTEGRITY

13 - Restrict access to temp directory - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

14 - SSL Encryption - WSDL Secure PortTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

16 - ORB Subsystem - Security-Domain SetTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

16 - Restrict access to JETTY.policy - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

21 - Restrict access to users.xml - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

28 - Ensure scheme is set accuratelyTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

37 - Configure maxHttpHeaderSizeTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

41 - Do not run applications as privilegedTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

Adtran : Disable TelnetTNS Adtran AOS Best Practice AuditAdtran

CONFIGURATION MANAGEMENT

Adtran : Enable aaaTNS Adtran AOS Best Practice AuditAdtran

IDENTIFICATION AND AUTHENTICATION

Adtran : Enable security mode on virtual access point (VAP)TNS Adtran AOS Best Practice AuditAdtran

ACCESS CONTROL

Adtran : Ensure a trusted, primary DNS server is setTNS Adtran AOS Best Practice AuditAdtran

SYSTEM AND COMMUNICATIONS PROTECTION

Adtran : Ensure a trusted, secondary DNS server is setTNS Adtran AOS Best Practice AuditAdtran

SYSTEM AND COMMUNICATIONS PROTECTION

Buffer overflow protection should be configured 'LimitRequestFieldsize'TNS IBM HTTP Server Best PracticeUnix

SYSTEM AND INFORMATION INTEGRITY

CGI-BIN directory should be disabled. 'Directory'TNS IBM HTTP Server Best PracticeWindows

CONFIGURATION MANAGEMENT

CGI-BIN directory should be disabled. 'LoadModule env_module'TNS IBM HTTP Server Best PracticeUnix

CONFIGURATION MANAGEMENT

Extreme : Configure Banner before-loginTNS Extreme ExtremeXOS Best Practice AuditExtreme_ExtremeXOS

ACCESS CONTROL

Extreme : Password Policy - history <=4TNS Extreme ExtremeXOS Best Practice AuditExtreme_ExtremeXOS

IDENTIFICATION AND AUTHENTICATION

Extreme : Password Policy - lockout-on-login-failuresTNS Extreme ExtremeXOS Best Practice AuditExtreme_ExtremeXOS

ACCESS CONTROL

Extreme : SNMP community name != privateTNS Extreme ExtremeXOS Best Practice AuditExtreme_ExtremeXOS

SYSTEM AND INFORMATION INTEGRITY

File permissions in the root document should only be accessible by administratorTNS IBM HTTP Server Best PracticeWindows
HTTP TRACE method should be disabled. 'RewriteLog'TNS IBM HTTP Server Best PracticeWindows

AUDIT AND ACCOUNTABILITY

Keep Alive setting parameter value should be appropriately configured.TNS IBM HTTP Server Best PracticeWindows

ACCESS CONTROL

Limit HTTP methods allowed by the Web Server.TNS IBM HTTP Server Best PracticeWindows

CONFIGURATION MANAGEMENT

MaxKeepAliveRequests parameter value should be appropriately configured.TNS IBM HTTP Server Best PracticeWindows

SYSTEM AND COMMUNICATIONS PROTECTION

Non-Essential modules should be disabled. 'mod_autoindex'TNS IBM HTTP Server Best PracticeWindows

CONFIGURATION MANAGEMENT

Non-Essential modules should be disabled. 'mod_dav'TNS IBM HTTP Server Best PracticeWindows

CONFIGURATION MANAGEMENT

Non-Essential modules should be disabled. 'mod_status'TNS IBM HTTP Server Best PracticeWindows

CONFIGURATION MANAGEMENT

User IDs which disclose the privileges associated with it, should not be created.TNS IBM HTTP Server Best PracticeWindows

ACCESS CONTROL

WatchGuard : Authentication Settings - 'Management User Idle Timeout'TNS Best Practice WatchGuard Audit 1.0.0WatchGuard

ACCESS CONTROL

WatchGuard : Authentication Settings - 'Management User Session Timeout'TNS Best Practice WatchGuard Audit 1.0.0WatchGuard

ACCESS CONTROL

WatchGuard : DDoS Prevention - Distributed Denial-of-Service Prevention - Per Client QuotaTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

SYSTEM AND COMMUNICATIONS PROTECTION

WatchGuard : Device InfoTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

CONFIGURATION MANAGEMENT

WatchGuard : DNS ServersTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

SYSTEM AND COMMUNICATIONS PROTECTION

WatchGuard : DoS Prevention - Drop IPSEC Flood AttackTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

SYSTEM AND COMMUNICATIONS PROTECTION

WatchGuard : IPS Logging Threat Level HIGH - EnabledTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

AUDIT AND ACCOUNTABILITY

WatchGuard : IPS Signature Update - 'Enabled'TNS Best Practice WatchGuard Audit 1.0.0WatchGuard

SYSTEM AND INFORMATION INTEGRITY

WatchGuard : LDAP Server NameTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

IDENTIFICATION AND AUTHENTICATION

WatchGuard : Logging - IKE Packet TracingTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

AUDIT AND ACCOUNTABILITY

WatchGuard : Logging - Review Remote Logging Server AddressTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

AUDIT AND ACCOUNTABILITY

WatchGuard : SNMP Configuration - v3 uses DESTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY