Detections
Analytics

Item Search

NameAudit NamePluginCategory
3 - Configure log file size limit - SettingsTNS Best Practice Jetty 9 LinuxUnix

AUDIT AND ACCOUNTABILITY

6 - Run your Instance as non privileged userTNS Best Practice JBoss 7 LinuxUnix

ACCESS CONTROL

7 - SSL implementation - start.ini --module=httpsTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

7 - SSL implementation - start.jar --module=httpsTNS Best Practice Jetty 9 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

11 - Access Control - JAASTNS Best Practice Jetty 9 LinuxUnix
13 - Restrict access to temp directory - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

14 - Restrict access to binaries directory - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

15 - Restrict access to web application directory - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

15 - Restrict access to web application directory - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

16 - ORB Subsystem - Initializers OnTNS Best Practice JBoss 7 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

16 - Restrict access to JETTY.policy - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

16 - Restrict access to JETTY.policy - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

18 - Restrict access to context.xml - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

18 - Role Based Authentication per queueTNS Best Practice JBoss 7 LinuxUnix

ACCESS CONTROL

19 - Restrict access to logging.properties - modeTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

20 - Restrict access to server.xml - ownerTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

24 - Remove extraneous files and directories - $JETTY_BASE/webapps/servlet-exampleTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

32 - Disabling auto deployment of applicationsTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

42 - Do not allow cross context requestsTNS Best Practice Jetty 9 LinuxUnix

ACCESS CONTROL

43 - Do not resolve hosts on logging valves - CONTEXT_XMLTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

Buffer overflow protection should be configured 'LimitRequestBody'TNS IBM HTTP Server Best PracticeWindows

SYSTEM AND COMMUNICATIONS PROTECTION

CGI-BIN directory should be disabled. 'AddModule mod_env.c'TNS IBM HTTP Server Best PracticeWindows

CONFIGURATION MANAGEMENT

CGI-BIN directory should be disabled. 'AddModule mod_env.c'TNS IBM HTTP Server Best PracticeUnix

CONFIGURATION MANAGEMENT

HTTP TRACE method should be disabled. 'TraceEnable'TNS IBM HTTP Server Best PracticeWindows

CONFIGURATION MANAGEMENT

Huawei: Command Levels Not ChangedTNS Huawei VRP Best Practice AuditHuawei

CONFIGURATION MANAGEMENT

Huawei: Device clock = UTCTNS Huawei VRP Best Practice AuditHuawei

CONFIGURATION MANAGEMENT

Huawei: Disable FTP IPV4TNS Huawei VRP Best Practice AuditHuawei

CONFIGURATION MANAGEMENT

Huawei: Disable Telnet on IPV4TNS Huawei VRP Best Practice AuditHuawei

CONFIGURATION MANAGEMENT

Huawei: Enable AAA authorizationTNS Huawei VRP Best Practice AuditHuawei

IDENTIFICATION AND AUTHENTICATION

Huawei: Enable SSHTNS Huawei VRP Best Practice AuditHuawei

SYSTEM AND COMMUNICATIONS PROTECTION

Huawei: External Syslog server is configuredTNS Huawei VRP Best Practice AuditHuawei

AUDIT AND ACCOUNTABILITY

Huawei: NTP is enabledTNS Huawei VRP Best Practice AuditHuawei

AUDIT AND ACCOUNTABILITY

Huawei: Set appropriate 'login' headerTNS Huawei VRP Best Practice AuditHuawei

ACCESS CONTROL

Huawei: Set System NameTNS Huawei VRP Best Practice AuditHuawei

CONFIGURATION MANAGEMENT

Huawei: Simple Password Authentication is not used.TNS Huawei VRP Best Practice AuditHuawei

IDENTIFICATION AND AUTHENTICATION

Huawei: SNMP Community string != publicTNS Huawei VRP Best Practice AuditHuawei

IDENTIFICATION AND AUTHENTICATION

Huawei: SSH Max Retries <= 3TNS Huawei VRP Best Practice AuditHuawei

ACCESS CONTROL

Keep Alive Timeout setting value should be appropriately configured.TNS IBM HTTP Server Best PracticeWindows

ACCESS CONTROL

Logs containing auditing information should be secured at the directory level.TNS IBM HTTP Server Best PracticeWindows

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

MaxSpareServers parameter value should be appropriately configured.TNS IBM HTTP Server Best PracticeWindows

SYSTEM AND COMMUNICATIONS PROTECTION

User IDs which disclose the privileges associated with it, should not be created.TNS IBM HTTP Server Best PracticeWindows

ACCESS CONTROL

WatchGuard : Authentication Settings - 'Management User Idle Timeout'TNS Best Practice WatchGuard Audit 1.0.0WatchGuard

ACCESS CONTROL

WatchGuard : DoS Prevention - Block Port Space ProbesTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

SYSTEM AND COMMUNICATIONS PROTECTION

WatchGuard : DoS Prevention - Drop ICMP Flood AttackTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

SYSTEM AND COMMUNICATIONS PROTECTION

WatchGuard : DoS Prevention - Drop IPSEC Flood AttackTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

SYSTEM AND COMMUNICATIONS PROTECTION

WatchGuard : IPS Logging Threat Level Medium - EnabledTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

AUDIT AND ACCOUNTABILITY

WatchGuard : LDAP Server NameTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

IDENTIFICATION AND AUTHENTICATION

WatchGuard : Logging - Review Remote Logging Server AddressTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

AUDIT AND ACCOUNTABILITY

WatchGuard : Single Sign-On - 'Enabled'TNS Best Practice WatchGuard Audit 1.0.0WatchGuard

IDENTIFICATION AND AUTHENTICATION

WatchGuard : SNMP Configuration - community string - 'private'TNS Best Practice WatchGuard Audit 1.0.0WatchGuard

IDENTIFICATION AND AUTHENTICATION