27 lines
774 B
YAML
27 lines
774 B
YAML
|
id: inactivity-timeout
|
||
|
|
||
|
info:
|
||
|
name: Inactivity Timeout Not Implemented
|
||
|
author: pussycat0x
|
||
|
severity: info
|
||
|
description: Lack of Inactivity Timeout gives the unauthorized user to act within that threshold if the administrator is away from the computer.
|
||
|
reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
|
||
|
tags: fortigate,config,audit,firewall
|
||
|
|
||
|
file:
|
||
|
- extensions:
|
||
|
- conf
|
||
|
|
||
|
matchers-condition: and
|
||
|
matchers:
|
||
|
- type: word
|
||
|
words:
|
||
|
- "set admin-console-timeout"
|
||
|
negative: true
|
||
|
|
||
|
- type: word
|
||
|
words:
|
||
|
- "config system"
|
||
|
- "config router"
|
||
|
- "config firewall"
|
||
|
condition: or
|