daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

PfSence - changes

patch-1
pussycat0x 2023-07-06 11:57:03 +05:30
parent cfbd8a11d2
commit 80e7770e19
6 changed files with 12 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
file/audit/pfsense/configure-dns-server.yaml
View File

@ -1,11 +1,11 @@
id: configure-dns-server
info:
name: DNS Server Configuration - Detect
name: DNS Server Not Implemented - Detect
author: pussycat0x
severity: info
description: |
Netgate DNS is recommended to be configured over TLS. This prevents intermediate parties and potential attackers from viewing the content of DNS queries and can also assure that DNS is being provided by the expected DNS servers.
DNS is recommended to be configured over TLS. This prevents intermediate parties and potential attackers from viewing the content of DNS queries and can also assure that DNS is being provided by the expected DNS servers.
reference: |
https://docs.netgate.com/pfsense/en/latest/recipes/dns-over-tls.html
classification:

4
file/audit/pfsense/configure-session-timeout.yaml
View File

@ -1,11 +1,11 @@
id: configure-session-timeout
info:
name: Netgate Configure Sessions Timeout - Detect
name: PfSence Configure Sessions Timeout Not Set - Detect
author: pussycat0x
severity: info
description: |
Netgate configure sessions timeout is recommended to be enabled. An indefinite or even long session timeout window can increase the risk of an attacker abusing abandoned sessions and potentially being able to obtain sensitive information, modify data, and/or execute unauthorized operations.
Configure sessions timeout is recommended to be enabled. An indefinite or even long session timeout window can increase the risk of an attacker abusing abandoned sessions and potentially being able to obtain sensitive information, modify data, and/or execute unauthorized operations.
reference: |
https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html
classification:

4
file/audit/pfsense/enable-https-protocol.yaml
View File

@ -1,11 +1,11 @@
id: enable-https-protocol
info:
name: Netgate Web Admin Management Portal/HTTPS - Detect
name: Pfsence Web Admin Management Portal HTTPS Not Set - Detect
author: pussycat0x
severity: info
description: |
Netgate Web Admin Management Portal is recommended to be accessible using only HTTPS protocol. HTTP transmits all data, including passwords, in clear text over the network and provides no assurance of the identity of the hosts involved, making it possible for an attacker to obtain sensitive information, modify data, and/or execute unauthorized operations.
PfSence Web Admin Management Portal is recommended to be accessible using only HTTPS protocol. HTTP transmits all data, including passwords, in clear text over the network and provides no assurance of the identity of the hosts involved, making it possible for an attacker to obtain sensitive information, modify data, and/or execute unauthorized operations.
reference: |
https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html
classification:

4
file/audit/pfsense/known-default-account.yaml
View File

@ -1,11 +1,11 @@
id: known-default-account
info:
name: Netgate Known Default Account - Detect
name: PfSence Known Default Account - Detect
author: pussycat0x
severity: info
description: |
Netgate configured known default accounts are recommended to be deleted. In order to attempt access to known devices' platforms, an attacker can use the available database of the known default accounts for each platform or operating system. Known default accounts are often, but not limited to, 'admin'.
PfSence configured known default accounts are recommended to be deleted. In order to attempt access to known devices' platforms, an attacker can use the available database of the known default accounts for each platform or operating system. Known default accounts are often, but not limited to, 'admin'.
reference: |
- https://docs.netgate.com/pfsense/en/latest/usermanager/defaults.html
classification:

4
file/audit/pfsense/password-protected-consolemenu.yaml
View File

@ -1,11 +1,11 @@
id: password-protected-consolemenu
info:
name: Netgate Password Protection Configuration - Detect
name: PfSence Consolemenu Password Protection Not Implememnted - Detect
author: pussycat0x
severity: info
description: |
Netgate password protection via the Console Menu is recommended to be configured. An unattended computer with an open Console Menu session can allow an unauthorized user access to the firewall management.
PfSence password protection via the Console Menu is recommended to be configured. An unattended computer with an open Console Menu session can allow an unauthorized user access to the firewall management.
reference: |
https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html
classification:

4
file/audit/pfsense/set-hostname.yaml
View File

@ -1,11 +1,11 @@
id: set-hostname
info:
name: Netgate Hostname - Detect
name: PfSence Hostname Not Set - Detect
author: pussycat0x
severity: info
description: |
Netgate hostname should be set so that other devices on the network can correctly identify it. The hostname is a unique identifier for the device.
PfSence Hostname should be set so that other devices on the network can correctly identify it. The hostname is a unique identifier for the device.
reference: |
https://docs.netgate.com/pfsense/en/latest/config/general.html
classification: