Detections
Analytics

Item Search

NameAudit NamePluginCategory
1 - Application specific logging - ${jetty.base}/start.ini --module=loggingTNS Best Practice Jetty 9 LinuxUnix
1 - Remove or Disable Example Content - ExampleDSTNS Best Practice JBoss 7 LinuxUnix

CONFIGURATION MANAGEMENT

2 - Specify file handler in jetty-logging.properties files - org.eclipse.jetty.websocket.LEVEL=DEBUGTNS Best Practice Jetty 9 LinuxUnix

AUDIT AND ACCOUNTABILITY

3 - Audit Logging - HandlerTNS Best Practice JBoss 7 LinuxUnix

AUDIT AND ACCOUNTABILITY

5 - Granular Log LevelsTNS Best Practice JBoss 7 LinuxUnix

AUDIT AND ACCOUNTABILITY

6 - EncryptionTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

7 - File system permissions of log filesTNS Best Practice JBoss 7 LinuxUnix

CONFIGURATION MANAGEMENT

7 - SSL implementation - start.ini --module=deployTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

8 - Management IP - .htacess existsTNS Best Practice Jetty 9 LinuxUnix
8 - Management IP - review $jetty_home/contexts xml fileTNS Best Practice Jetty 9 LinuxUnix
9 - Deployment ScannerTNS Best Practice JBoss 7 LinuxUnix

CONFIGURATION MANAGEMENT

12 - Remove and mask informational headers - JSP ConfigurationTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

13 - Restrict access to temp directory - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

14 - Restrict access to binaries directory - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

15 - Restrict access to web application directory - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

17 - Restrict access to JETTY.properties - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

17 - Setup a security domainTNS Best Practice JBoss 7 LinuxUnix

CONFIGURATION MANAGEMENT

18 - Role Based Authentication per queueTNS Best Practice JBoss 7 LinuxUnix

ACCESS CONTROL

24 - Remove extraneous files and directories - $JETTY_BASE/webapps/balancerTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

24 - Remove extraneous files and directories - $JETTY_BASE/webapps/webdavTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

29 - Ensure secure is set to true only for SSL-enabled ConnectorsTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

31 - Starting with Security ManagerTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

32 - Disabling auto deployment of applicationsTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

33 - Disable deploy on startup of applicationsTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

40 - Do not allow symbolic linkingTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

42 - Do not allow cross context requestsTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

43 - Do not resolve hosts on logging valves - SERVER_XMLTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

44 - Use Lockout RealmsTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

Adtran : Enable NTPTNS Adtran AOS Best Practice AuditAdtran
Adtran : Enable service password-encryptionTNS Adtran AOS Best Practice AuditAdtran

IDENTIFICATION AND AUTHENTICATION

Adtran : Encrypt enable passwordTNS Adtran AOS Best Practice AuditAdtran

IDENTIFICATION AND AUTHENTICATION

Adtran : Ensure DHCP is Disabled unless neededTNS Adtran AOS Best Practice AuditAdtran

CONFIGURATION MANAGEMENT

Adtran : Ensure the log level is set at an appropriate settingTNS Adtran AOS Best Practice AuditAdtran

AUDIT AND ACCOUNTABILITY

Adtran : Set 'login' BannerTNS Adtran AOS Best Practice AuditAdtran

ACCESS CONTROL

Adtran : SNMP 'PUBLIC' community string not usedTNS Adtran AOS Best Practice AuditAdtran

IDENTIFICATION AND AUTHENTICATION

Adtran : Web Session Timeout <= 900 secsTNS Adtran AOS Best Practice AuditAdtran

ACCESS CONTROL

WatchGuard : Authentication Settings - 'Authentication User Timeout'TNS Best Practice WatchGuard Audit 1.0.0WatchGuard

ACCESS CONTROL

WatchGuard : DoS Prevention - Drop IKE Flood AttackTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

SYSTEM AND COMMUNICATIONS PROTECTION

WatchGuard : DoS Prevention - Drop IP Source RouteTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

SYSTEM AND COMMUNICATIONS PROTECTION

WatchGuard : DoS Prevention - Drop UDP Flood AttackTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

SYSTEM AND COMMUNICATIONS PROTECTION

WatchGuard : Gateway AntiVirus - 'Enabled'TNS Best Practice WatchGuard Audit 1.0.0WatchGuard

SYSTEM AND INFORMATION INTEGRITY

WatchGuard : ICMP Error Handling - 'host-unreachable'TNS Best Practice WatchGuard Audit 1.0.0WatchGuard

SYSTEM AND COMMUNICATIONS PROTECTION

WatchGuard : ICMP Error Handling - 'port-unreachable'TNS Best Practice WatchGuard Audit 1.0.0WatchGuard

SYSTEM AND COMMUNICATIONS PROTECTION

WatchGuard : ICMP Error Handling - 'time-exceeded'TNS Best Practice WatchGuard Audit 1.0.0WatchGuard

SYSTEM AND COMMUNICATIONS PROTECTION

WatchGuard : IPS - 'Enabled'TNS Best Practice WatchGuard Audit 1.0.0WatchGuard

SYSTEM AND INFORMATION INTEGRITY

WatchGuard : IPS Logging Threat Level Medium - EnabledTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

AUDIT AND ACCOUNTABILITY

WatchGuard : IPS Threat Level Action High - DROP or BLOCKTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

SYSTEM AND INFORMATION INTEGRITY

WatchGuard : Logging - Syslog TimestampsTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

AUDIT AND ACCOUNTABILITY

WatchGuard : Single Sign-On - 'Enabled'TNS Best Practice WatchGuard Audit 1.0.0WatchGuard

IDENTIFICATION AND AUTHENTICATION

WatchGuard : SNMP Configuration - v3 user has password - priv protocolTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

ACCESS CONTROL