TOC & Recently Viewed

Recently Viewed Topics

CONFIG_CHECK Examples

The following are examples of using CONFIG_CHECK against a Check Point device:

<custom_item>

type: CONFIG_CHECK

description: "1.0 Require strong Password Controls - 'min-password-length >= 8'"

regex: "set password-controls min-password-length"

expect: "set password-controls min-password-length ([8-9]|[0-9][0-9]+)"

info: "Require Password Lengths greater than or equal to 8."

</custom_item>

<custom_item>

type: CONFIG_CHECK

description: "1.0 Require strong Password Controls - 'password-expiration != never'"

regex: "set password-controls password-expiration"

not_expect: "set password-controls password-expiration never"

info: "Allow passwords to expire"

</custom_item>

<custom_item>

type: CONFIG_CHECK

description: "2.13 Secure SNMP"

regex: "set snmp .+"

severity: MEDIUM

info: "Manually review SNMP settings."

</custom_item>

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.