commit
607f2a888f
|
@ -0,0 +1,30 @@
|
|||
id: configure-dns-server
|
||||
|
||||
info:
|
||||
name: Configure DNS Server
|
||||
author: pussycat0x
|
||||
severity: info
|
||||
description: |
|
||||
The purpose DNs server is to perform the resolution of system hostnames to Internet Protocol (IP) addresses.
|
||||
reference: |
|
||||
https://docs.netgate.com/pfsense/en/latest/recipes/dns-over-tls.html
|
||||
metadata:
|
||||
verified: true
|
||||
tags: firewall,config,audit,pfsense,file
|
||||
|
||||
file:
|
||||
- extensions:
|
||||
- xml
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "<dnsserver>"
|
||||
negative: true
|
||||
|
||||
- type: word
|
||||
words:
|
||||
- "<pfsense>"
|
||||
- "<system>"
|
||||
condition: and
|
|
@ -0,0 +1,33 @@
|
|||
id: configure-session-timeout
|
||||
|
||||
info:
|
||||
name: Configure Sessions Timeout
|
||||
author: pussycat0x
|
||||
severity: info
|
||||
description: |
|
||||
Indefinite or even long session timeout window increase the risk of attackers abusing abandoned sessions.
|
||||
reference: |
|
||||
https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html
|
||||
metadata:
|
||||
verified: true
|
||||
tags: firewall,config,audit,pfsense,file
|
||||
|
||||
file:
|
||||
- extensions:
|
||||
- xml
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "<session_timeout>"
|
||||
- "<session_timeout>0</session_timeout>"
|
||||
condition: or
|
||||
negative: true
|
||||
|
||||
- type: word
|
||||
words:
|
||||
- "<pfsense>"
|
||||
- "<webgui>"
|
||||
- "<system>"
|
||||
condition: and
|
|
@ -0,0 +1,33 @@
|
|||
id: enable-https-protocol
|
||||
|
||||
info:
|
||||
name: Enable HTTPS on Web Management
|
||||
author: pussycat0x
|
||||
severity: info
|
||||
description: |
|
||||
Web Admin Management Portal should only be accessed using HTTPS Protocol.HTTP transmits all data (including passwords) in clear text over the network and
|
||||
provides no assurance of the identity of the hosts involved.
|
||||
reference: |
|
||||
https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html
|
||||
metadata:
|
||||
verified: true
|
||||
tags: firewall,config,audit,pfsense,file
|
||||
|
||||
file:
|
||||
- extensions:
|
||||
- xml
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "<webgui>"
|
||||
- "<protocol>https</protocol>"
|
||||
condition: and
|
||||
negative: true
|
||||
|
||||
- type: word
|
||||
words:
|
||||
- "<pfsense>"
|
||||
- "<system>"
|
||||
condition: and
|
|
@ -0,0 +1,33 @@
|
|||
id: password-protected-consolemenu
|
||||
|
||||
info:
|
||||
name: Configure Password Protected on Console Menu
|
||||
author: pussycat0x
|
||||
severity: info
|
||||
description: |
|
||||
An unattended computer with an open Console Menu session to the device could allow an unauthorized user access to the firewall’s management.
|
||||
reference: |
|
||||
https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html
|
||||
metadata:
|
||||
verified: true
|
||||
tags: firewall,config,audit,pfsense,file
|
||||
|
||||
file:
|
||||
- extensions:
|
||||
- xml
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "<disableconsolemenu>"
|
||||
- "<disableconsolemenu>1</disableconsolemenu>"
|
||||
condition: or
|
||||
negative: true
|
||||
|
||||
- type: word
|
||||
words:
|
||||
- "<pfsense>"
|
||||
- "<webgui>"
|
||||
- "<system>"
|
||||
condition: and
|
Loading…
Reference in New Issue