TOC & Recently Viewed

Recently Viewed Topics

AUDIT_PROCESS_ON_PORT

The “AUDIT_PROCESS_PORT” check allows users to verify whether the process running on a port is indeed an authorized process and not a backdoor process hiding in plain sight. More than one allowed process can be separated by a “|” (pipe) character.

<custom_item>

type: AUDIT_PROCESS_ON_PORT

description: "Make sure 'sshd' is running on port 22"

port_type: TCP

ports: "22"

name: "sshd|launchd"

</custom_item>

Copyright 2017 - 2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.