commit
e3cc751d5c
|
@ -8,7 +8,7 @@ info:
|
||||||
Authentication, authorization and accounting (AAA) services provide an authoritative source for managing and monitoring access for devices.
|
Authentication, authorization and accounting (AAA) services provide an authoritative source for managing and monitoring access for devices.
|
||||||
reference:
|
reference:
|
||||||
- https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/a1/sec-a1-cr-book/sec-cr-a2.html#GUID-E05C2E00-C01E-4053-9D12-EC37C7E8EEC5
|
- https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/a1/sec-a1-cr-book/sec-cr-a2.html#GUID-E05C2E00-C01E-4053-9D12-EC37C7E8EEC5
|
||||||
tags: cisco,config-audit,cisco-switch,router
|
tags: cisco,config-audit,cisco-switch,file,router
|
||||||
|
|
||||||
file:
|
file:
|
||||||
- extensions:
|
- extensions:
|
||||||
|
|
|
@ -8,7 +8,7 @@ info:
|
||||||
To configure the system to time-stamp debugging or logging messages, use one of the service timestamps global configuration commands. Use the no form of this command to disable this service.
|
To configure the system to time-stamp debugging or logging messages, use one of the service timestamps global configuration commands. Use the no form of this command to disable this service.
|
||||||
reference:
|
reference:
|
||||||
- https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
|
- https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
|
||||||
tags: cisco,config-audit,cisco-switch,router
|
tags: cisco,config-audit,cisco-switch,file,router
|
||||||
|
|
||||||
file:
|
file:
|
||||||
- extensions:
|
- extensions:
|
||||||
|
|
|
@ -8,7 +8,7 @@ info:
|
||||||
To configure the system to time-stamp debugging or logging messages, use one of the service timestamps global configuration commands. Use the no form of this command to disable this service.
|
To configure the system to time-stamp debugging or logging messages, use one of the service timestamps global configuration commands. Use the no form of this command to disable this service.
|
||||||
reference:
|
reference:
|
||||||
- https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
|
- https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
|
||||||
tags: cisco,config-audit,cisco-switch,router
|
tags: cisco,config-audit,cisco-switch,file,router
|
||||||
|
|
||||||
file:
|
file:
|
||||||
- extensions:
|
- extensions:
|
||||||
|
|
|
@ -8,7 +8,7 @@ info:
|
||||||
Organizations should plan and implement network policies to ensure unnecessary services are explicitly disabled. The 'ip source-route' feature has been used in several attacks and should be disabled.
|
Organizations should plan and implement network policies to ensure unnecessary services are explicitly disabled. The 'ip source-route' feature has been used in several attacks and should be disabled.
|
||||||
reference:
|
reference:
|
||||||
- https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr/command/ipaddr-cr-book/ipaddr-i4.html#GUID-C7F971DD-358F-4B43-9F3E-244F5D4A3A93
|
- https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr/command/ipaddr-cr-book/ipaddr-i4.html#GUID-C7F971DD-358F-4B43-9F3E-244F5D4A3A93
|
||||||
tags: cisco,config-audit,cisco-switch,router
|
tags: cisco,config-audit,cisco-switch,file,router
|
||||||
|
|
||||||
file:
|
file:
|
||||||
- extensions:
|
- extensions:
|
||||||
|
|
|
@ -8,7 +8,7 @@ info:
|
||||||
To reduce the risk of unauthorized access, organizations should implement a security policy restricting unnecessary services such as the 'PAD' service.
|
To reduce the risk of unauthorized access, organizations should implement a security policy restricting unnecessary services such as the 'PAD' service.
|
||||||
reference:
|
reference:
|
||||||
- http://www.cisco.com/en/US/docs/ios-xml/ios/wan/command/wan-s1.html#GUID-C5497B77-3FD4-4D2F-AB08-1317D5F5473B
|
- http://www.cisco.com/en/US/docs/ios-xml/ios/wan/command/wan-s1.html#GUID-C5497B77-3FD4-4D2F-AB08-1317D5F5473B
|
||||||
tags: cisco,config-audit,cisco-switch,router
|
tags: cisco,config-audit,cisco-switch,file,router
|
||||||
|
|
||||||
file:
|
file:
|
||||||
- extensions:
|
- extensions:
|
||||||
|
|
|
@ -8,7 +8,7 @@ info:
|
||||||
To configure the system to time-stamp debugging or logging messages, use one of the service timestamps global configuration commands. Use the no form of this command to disable this service.
|
To configure the system to time-stamp debugging or logging messages, use one of the service timestamps global configuration commands. Use the no form of this command to disable this service.
|
||||||
reference:
|
reference:
|
||||||
- https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
|
- https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
|
||||||
tags: cisco,config-audit,cisco-switch,router
|
tags: cisco,config-audit,cisco-switch,file,router
|
||||||
|
|
||||||
file:
|
file:
|
||||||
- extensions:
|
- extensions:
|
||||||
|
|
|
@ -8,7 +8,7 @@ info:
|
||||||
Enabling the Cisco IOS 'logging enable' command enforces the monitoring of technology risks for the organizations' network devices.
|
Enabling the Cisco IOS 'logging enable' command enforces the monitoring of technology risks for the organizations' network devices.
|
||||||
reference:
|
reference:
|
||||||
- https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/config-mgmt/configuration/xe-16-6/config-mgmt-xe-16-6-book/cm-config-logger.pdf
|
- https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/config-mgmt/configuration/xe-16-6/config-mgmt-xe-16-6-book/cm-config-logger.pdf
|
||||||
tags: cisco,config-audit,cisco-switch
|
tags: cisco,config-audit,cisco-switch,file
|
||||||
|
|
||||||
file:
|
file:
|
||||||
- extensions:
|
- extensions:
|
||||||
|
|
|
@ -6,7 +6,7 @@ info:
|
||||||
severity: info
|
severity: info
|
||||||
description: If USB installation is not disabled, an attacker with physical access to a FortiGate could load a new configuration or firmware using the USB port.
|
description: If USB installation is not disabled, an attacker with physical access to a FortiGate could load a new configuration or firmware using the USB port.
|
||||||
reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
|
reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
|
||||||
tags: fortigate,config,audit,firewall
|
tags: audit,config,file,firewall,fortigate
|
||||||
|
|
||||||
file:
|
file:
|
||||||
- extensions:
|
- extensions:
|
||||||
|
|
|
@ -6,7 +6,7 @@ info:
|
||||||
severity: info
|
severity: info
|
||||||
description: Heuristic scanning is a technique used to identify previously unknown viruses. A value of block enables heuristic AV scanning of binary files and blocks any detected. A replacement message will be forwarded to the recipient. Blocked files are quarantined if quarantine is enabled.
|
description: Heuristic scanning is a technique used to identify previously unknown viruses. A value of block enables heuristic AV scanning of binary files and blocks any detected. A replacement message will be forwarded to the recipient. Blocked files are quarantined if quarantine is enabled.
|
||||||
reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
|
reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
|
||||||
tags: fortigate,config,audit,firewall
|
tags: audit,config,file,firewall,fortigate
|
||||||
|
|
||||||
file:
|
file:
|
||||||
- extensions:
|
- extensions:
|
||||||
|
|
|
@ -6,7 +6,7 @@ info:
|
||||||
severity: info
|
severity: info
|
||||||
description: Lack of Inactivity Timeout gives the unauthorized user to act within that threshold if the administrator is away from the computer.
|
description: Lack of Inactivity Timeout gives the unauthorized user to act within that threshold if the administrator is away from the computer.
|
||||||
reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
|
reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
|
||||||
tags: fortigate,config,audit,firewall
|
tags: audit,config,file,firewall,fortigate
|
||||||
|
|
||||||
file:
|
file:
|
||||||
- extensions:
|
- extensions:
|
||||||
|
|
|
@ -6,7 +6,7 @@ info:
|
||||||
severity: info
|
severity: info
|
||||||
description: If the FortiGate is compromised and Password is not recoverable. A maintainer account can be used by an administrator with physical access to log into CLI..
|
description: If the FortiGate is compromised and Password is not recoverable. A maintainer account can be used by an administrator with physical access to log into CLI..
|
||||||
reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
|
reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
|
||||||
tags: fortigate,config,audit,firewall
|
tags: audit,config,file,firewall,fortigate
|
||||||
|
|
||||||
file:
|
file:
|
||||||
- extensions:
|
- extensions:
|
||||||
|
|
|
@ -6,7 +6,7 @@ info:
|
||||||
severity: info
|
severity: info
|
||||||
description: Lack of Inactivity Timeout gives the unauthorized user to act within that threshold if the administrator is away from the computer.
|
description: Lack of Inactivity Timeout gives the unauthorized user to act within that threshold if the administrator is away from the computer.
|
||||||
reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
|
reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
|
||||||
tags: fortigate,config,audit,firewall
|
tags: audit,config,file,firewall,fortigate
|
||||||
|
|
||||||
file:
|
file:
|
||||||
- extensions:
|
- extensions:
|
||||||
|
|
|
@ -6,7 +6,7 @@ info:
|
||||||
severity: info
|
severity: info
|
||||||
description: Disable SCP by default. Enabling SCP allows downloading the configuration file from the FortiGate as an alternative method of backing up the configuration file.
|
description: Disable SCP by default. Enabling SCP allows downloading the configuration file from the FortiGate as an alternative method of backing up the configuration file.
|
||||||
reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
|
reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
|
||||||
tags: fortigate,config,audit,firewall
|
tags: audit,config,file,firewall,fortigate
|
||||||
|
|
||||||
file:
|
file:
|
||||||
- extensions:
|
- extensions:
|
||||||
|
|
|
@ -6,7 +6,7 @@ info:
|
||||||
severity: info
|
severity: info
|
||||||
description: Weak Ciphers can be broken by an attacker in a local network and can perform attacks like Blowfish.
|
description: Weak Ciphers can be broken by an attacker in a local network and can perform attacks like Blowfish.
|
||||||
reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
|
reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
|
||||||
tags: fortigate,config,audit,firewall
|
tags: audit,config,file,firewall,fortigate
|
||||||
|
|
||||||
file:
|
file:
|
||||||
- extensions:
|
- extensions:
|
||||||
|
|
|
@ -11,7 +11,7 @@ info:
|
||||||
- https://docs.netgate.com/pfsense/en/latest/usermanager/defaults.html
|
- https://docs.netgate.com/pfsense/en/latest/usermanager/defaults.html
|
||||||
remediation: |
|
remediation: |
|
||||||
Deletes the known default accounts configured.
|
Deletes the known default accounts configured.
|
||||||
tags: firewall,config,audit,pfsense
|
tags: audit,config,file,firewall,pfsense
|
||||||
|
|
||||||
file:
|
file:
|
||||||
- extensions:
|
- extensions:
|
||||||
|
|
|
@ -8,7 +8,7 @@ info:
|
||||||
reference:
|
reference:
|
||||||
- https://www.tecmint.com/10-most-dangerous-commands-you-should-never-execute-on-linux/
|
- https://www.tecmint.com/10-most-dangerous-commands-you-should-never-execute-on-linux/
|
||||||
- https://phoenixnap.com/kb/dangerous-linux-terminal-commands
|
- https://phoenixnap.com/kb/dangerous-linux-terminal-commands
|
||||||
tags: bash,shell,sh
|
tags: bash,file,shell,sh
|
||||||
|
|
||||||
file:
|
file:
|
||||||
- extensions:
|
- extensions:
|
||||||
|
|
Loading…
Reference in New Issue