AUDIT_DENIED_OPEN_PORTS

The “AUDIT_DENIED_OPEN_PORTS” audit check is used to define an open-port-based policy. Users specify which ports must not be open on a given system; if any of those ports is found open, the check is considered a failure. Multiple ports are separated by commas, and a port value may also be a regex.

Tip: For information about the parameters commonly found in Unix custom items, see Unix Configuration Keywords.

<custom_item>
  type: AUDIT_DENIED_OPEN_PORTS
  description: "Do not allow port 23 (telnet) to be open"
  port_type: TCP
  ports: "23"
</custom_item>
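The following is an added illustration of the semantics described above (comma-separated denied ports, each entry possibly a regex, any denied port found open is a failure); it is not Nessus's own implementation and does not parse .audit files. It assumes the caller has already collected the host's listening ports for the relevant port_type, and treats each entry as a full-match pattern so that a denied "23" does not also flag port 2323. How the real engine anchors its regexes and handles commas inside `{m,n}` quantifiers is not stated on the page, so both choices here are assumptions. The sample port list is constructed.

```python
import re
from typing import Iterable, List

# Constructed sample of listening TCP ports on a host (not from the page).
SAMPLE_OPEN_TCP_PORTS = [22, 23, 80, 2323, 8080]

# Split on commas, but not on commas inside a {m,n} regex quantifier.
# Assumption: the page only says "a comma separates more than one port".
_ENTRY_SEPARATOR = re.compile(r",(?![^{]*\})")


def parse_denied_ports(ports_value: str) -> List["re.Pattern[str]"]:
    """Turn the ``ports`` value into a list of compiled, fully anchored regexes.

    Each entry may be a literal port number or a regex. Anchoring is an
    assumption made here so that "23" matches only port 23, not 2323.
    """
    patterns = []
    for raw in _ENTRY_SEPARATOR.split(ports_value):
        entry = raw.strip()
        if not entry:
            continue
        patterns.append(re.compile(rf"^(?:{entry})$"))
    return patterns


def evaluate_denied_open_ports(ports_value: str, open_ports: Iterable[int]) -> dict:
    """Apply the AUDIT_DENIED_OPEN_PORTS rule to an observed set of open ports.

    ``open_ports`` must already be restricted to the item's port_type
    (TCP or UDP). Any open port matching a denied entry is a violation, and
    a single violation makes the whole item FAILED.
    """
    patterns = parse_denied_ports(ports_value)
    violations = sorted(
        {port for port in open_ports if any(rx.match(str(port)) for rx in patterns)}
    )
    return {"result": "FAILED" if violations else "PASSED", "violations": violations}


if __name__ == "__main__":
    # The page's own example item: deny TCP/23 (telnet).
    print(evaluate_denied_open_ports("23", SAMPLE_OPEN_TCP_PORTS))
    # Several entries, including a regex for 8xxx ports.
    print(evaluate_denied_open_ports("23, 80, 8[0-9]{3}", SAMPLE_OPEN_TCP_PORTS))
```

Running the block against the constructed port list reports a failure on port 23 for the page's example item, and ports 23, 80 and 8080 for the multi-entry item; port 2323 is left alone because the literal entry "23" is anchored.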