yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
Files
fix_python
doc-exports/docs/hss/umn/CLASS.TXT.json
qiaoli 8ac860f1c4 HSS UMN 20240730 version 
Reviewed-by: Rogal, Marcel <mrogal@noreply.gitea.eco.tsi-dev.otc-service.com>
Co-authored-by: qiaoli <qiaoli@huawei.com>
Co-committed-by: qiaoli <qiaoli@huawei.com>
2024-12-19 12:07:54 +00:00

2405 lines
94 KiB
JSON
Raw Permalink Blame History

[
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Introduction",
"uri":"hss_01_0042.html",
"doc_type":"usermanual",
"p_code":"",
"code":"1"
},
{
"desc":"HSS is designed to protect server workloads in hybrid clouds and multi-cloud data centers. It provides host security functions, Container Guard Service (CGS), and Web Tam",
"product_code":"hss",
"title":"What Is HSS?",
"uri":"hss_01_0001.html",
"doc_type":"usermanual",
"p_code":"1",
"code":"2"
},
{
"desc":"HSS helps you manage and maintain the security of all your servers and reduce common risks.You can check for and fix a range of security issues on a single console, easil",
"product_code":"hss",
"title":"Advantages",
"uri":"hss_01_0002.html",
"doc_type":"usermanual",
"p_code":"1",
"code":"3"
},
{
"desc":"Centralized security managementWith HSS, you can manage the security configurations and events of all your cloud servers on the console, reducing risks and management cos",
"product_code":"hss",
"title":"Scenarios",
"uri":"hss_01_0226.html",
"doc_type":"usermanual",
"p_code":"1",
"code":"4"
},
{
"desc":"HSS provides enterprise, premium, web tamper protection, and container editions. It provides the following functions: Dashboard, Asset Overview, Server Management, Contai",
"product_code":"hss",
"title":"Features",
"uri":"hss_01_0136.html",
"doc_type":"usermanual",
"p_code":"1",
"code":"5"
},
{
"desc":"Free health checkHSS provides a monthly free health check service for Elastic Cloud Server (ECS) that are not protected. HSS can detect software assets, OS vulnerabilitie",
"product_code":"hss",
"title":"Provided Free of Charge",
"uri":"hss_01_0591.html",
"doc_type":"usermanual",
"p_code":"1",
"code":"6"
},
{
"desc":"If you need to assign different permissions to employees in your enterprise to access your HSS resources, IAM is a good choice for fine-grained permissions management. IA",
"product_code":"hss",
"title":"HSS Permissions Management",
"uri":"hss_01_0130.html",
"doc_type":"usermanual",
"p_code":"1",
"code":"7"
},
{
"desc":"Elastic Cloud Server (ECS)Bare Metal Server (BMS)HSS can run on Linux servers (such as CentOS and EulerOS) and Windows servers (such as Windows 2012 and Windows 2016).The",
"product_code":"hss",
"title":"Constraints and Limitations",
"uri":"hss_01_0647.html",
"doc_type":"usermanual",
"p_code":"1",
"code":"8"
},
{
"desc":"The HSS agent can be installed on ECS.For details about ECS, see the Elastic Cloud Server User Guide.CCE can rapidly build a highly reliable container cluster based on cl",
"product_code":"hss",
"title":"Related Services",
"uri":"hss_01_0015.html",
"doc_type":"usermanual",
"p_code":"1",
"code":"9"
},
{
"desc":"Account cracking refers to the intruder behavior of guessing or cracking the password of an account.A baseline specifies the minimum security configuration requirements t",
"product_code":"hss",
"title":"Basic Concepts",
"uri":"hss_01_0004.html",
"doc_type":"usermanual",
"p_code":"1",
"code":"10"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Using IAM to Grant Access to HSS",
"uri":"hss_01_0131.html",
"doc_type":"usermanual",
"p_code":"",
"code":"11"
},
{
"desc":"Custom policies can be created to supplement the system-defined policies of HSS.You can create custom policies using one of the following methods:Visual editor: Select cl",
"product_code":"hss",
"title":"HSS Custom Policies",
"uri":"hss_01_0005.html",
"doc_type":"usermanual",
"p_code":"11",
"code":"12"
},
{
"desc":"This section describes fine-grained permissions management for your HSS instances. If your account does not need individual IAM users, then you may skip over this section",
"product_code":"hss",
"title":"HSS Actions",
"uri":"hss_01_0006.html",
"doc_type":"usermanual",
"p_code":"11",
"code":"13"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Enabling HSS",
"uri":"hss_01_0292.html",
"doc_type":"usermanual",
"p_code":"",
"code":"14"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Installing the Agent",
"uri":"hss_01_0652.html",
"doc_type":"usermanual",
"p_code":"14",
"code":"15"
},
{
"desc":"The HSS agent is a piece of software installed on cloud servers to exchange data between the servers and HSS, implementing security detection and protection. If no agent ",
"product_code":"hss",
"title":"Agent Overview",
"uri":"hss_01_0650.html",
"doc_type":"usermanual",
"p_code":"15",
"code":"16"
},
{
"desc":"You can enable HSS for ECSs only after installing the agent. This section describes how to install the agent on a Linux server.The server is running.Ensure the outbound r",
"product_code":"hss",
"title":"Installing the Agent on a Linux Server",
"uri":"hss_01_0609.html",
"doc_type":"usermanual",
"p_code":"15",
"code":"17"
},
{
"desc":"You can enable HSS for ECSs only after installing the agent. This section describes how to install the agent on a Windows server.The server is running.Ensure the outbound",
"product_code":"hss",
"title":"Installing the Agent on a Windows Server",
"uri":"hss_01_0648.html",
"doc_type":"usermanual",
"p_code":"15",
"code":"18"
},
{
"desc":"HSS allows you to install agents for Linux servers in batches. Agents cannot be installed on Windows servers in batches.The server is running.Ensure the outbound rule of ",
"product_code":"hss",
"title":"Batch Installing Agents on Linux Servers",
"uri":"hss_01_0649.html",
"doc_type":"usermanual",
"p_code":"15",
"code":"19"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Enabling Protection",
"uri":"hss_01_0260.html",
"doc_type":"usermanual",
"p_code":"14",
"code":"20"
},
{
"desc":"Before enabling protection on servers, you need to allocate quota to a specified server. If the protection is disabled or the server is deleted, the quota can be allocate",
"product_code":"hss",
"title":"Enabling the Enterprise/Premium Edition",
"uri":"hss_01_0397.html",
"doc_type":"usermanual",
"p_code":"20",
"code":"21"
},
{
"desc":"Before enabling WTP, you need to allocate a quota to a specified server. If the service is disabled or the server is deleted, the quota can be allocated to other servers.",
"product_code":"hss",
"title":"Enabling Web Tamper Protection",
"uri":"hss_01_0309.html",
"doc_type":"usermanual",
"p_code":"20",
"code":"22"
},
{
"desc":"Before enabling protection for a container node, you need to allocate quota to a specified node. If the protection is disabled or the node is deleted, the quota can be al",
"product_code":"hss",
"title":"Enabling Container Protection",
"uri":"hss_01_0295.html",
"doc_type":"usermanual",
"p_code":"20",
"code":"23"
},
{
"desc":"After alarm notification is enabled, you can receive alarm notifications sent by HSS to learn about security risks facing your servers and web pages. Without this functio",
"product_code":"hss",
"title":"Enabling Alarm Notifications",
"uri":"hss_01_0241.html",
"doc_type":"usermanual",
"p_code":"14",
"code":"24"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Common Security Configuration",
"uri":"hss_01_0051.html",
"doc_type":"usermanual",
"p_code":"14",
"code":"25"
},
{
"desc":"You can configure common login locations, common login IP addresses, and an SSH login IP address whitelist.After you configure common login locations, HSS will generate a",
"product_code":"hss",
"title":"Configuring Server Login Protection",
"uri":"hss_01_0566.html",
"doc_type":"usermanual",
"p_code":"25",
"code":"26"
},
{
"desc":"HSS automatically isolates and kills identified malicious programs, such as web shells, Trojans, and worms, removing security risks.After the cloud scan function is enabl",
"product_code":"hss",
"title":"Isolating and Killing Malicious Programs",
"uri":"hss_01_0567.html",
"doc_type":"usermanual",
"p_code":"25",
"code":"27"
},
{
"desc":"Two-factor authentication (2FA) requires users to provide verification codes before they log in. The codes will be sent to their mobile phones or email boxes. You have to",
"product_code":"hss",
"title":"Enabling 2FA",
"uri":"hss_01_0568.html",
"doc_type":"usermanual",
"p_code":"25",
"code":"28"
},
{
"desc":"On the HSS dashboard, you can check the security score, risks, and protection overview of all your assets in real time, including servers and containers.The security scor",
"product_code":"hss",
"title":"Checking the Dashboard",
"uri":"hss_01_0048.html",
"doc_type":"usermanual",
"p_code":"",
"code":"29"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Asset Management",
"uri":"hss_01_0294.html",
"doc_type":"usermanual",
"p_code":"",
"code":"30"
},
{
"desc":"You can count all your assets and check their statistics, including the agent status, protection status, quota, account, port, process, software, and auto-started items.S",
"product_code":"hss",
"title":"Asset Management",
"uri":"hss_01_0387.html",
"doc_type":"usermanual",
"p_code":"30",
"code":"31"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Server Fingerprints",
"uri":"hss_01_0463.html",
"doc_type":"usermanual",
"p_code":"30",
"code":"32"
},
{
"desc":"HSS can collect server asset fingerprints, including information about ports, processes, web applications, web services, web frameworks, and auto-started items. You can c",
"product_code":"hss",
"title":"Collecting Server Asset Fingerprints",
"uri":"hss_01_0477.html",
"doc_type":"usermanual",
"p_code":"32",
"code":"33"
},
{
"desc":"HSS can collect server asset fingerprints, including information about ports, processes, web applications, web services, web frameworks, and auto-started items. You can c",
"product_code":"hss",
"title":"Viewing Server Asset Fingerprints",
"uri":"hss_01_0383.html",
"doc_type":"usermanual",
"p_code":"32",
"code":"34"
},
{
"desc":"HSS proactively records the changes on account information, software information, and auto-started items. You can check the change details according to different dimensio",
"product_code":"hss",
"title":"Viewing the Operation History of Server Assets",
"uri":"hss_01_0384.html",
"doc_type":"usermanual",
"p_code":"32",
"code":"35"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Container Fingerprints",
"uri":"hss_01_0464.html",
"doc_type":"usermanual",
"p_code":"30",
"code":"36"
},
{
"desc":"HSS can collect container asset fingerprints, including container clusters, services, workloads, accounts, ports, and processes. You can centrally check container asset i",
"product_code":"hss",
"title":"Collecting Container Asset Fingerprints",
"uri":"hss_01_0478.html",
"doc_type":"usermanual",
"p_code":"36",
"code":"37"
},
{
"desc":"HSS can collect container asset fingerprints, including container clusters, services, workloads, accounts, ports, and processes. You can centrally check container asset i",
"product_code":"hss",
"title":"Viewing Container Asset Fingerprints",
"uri":"hss_01_0465.html",
"doc_type":"usermanual",
"p_code":"36",
"code":"38"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Server Management",
"uri":"hss_01_0577.html",
"doc_type":"usermanual",
"p_code":"30",
"code":"39"
},
{
"desc":"The server list on the Servers page displays the protection status of only the servers used in the selected region.If your servers are managed by enterprise projects, you",
"product_code":"hss",
"title":"Viewing Server Protection Status",
"uri":"hss_01_0003.html",
"doc_type":"usermanual",
"p_code":"39",
"code":"40"
},
{
"desc":"This section describes how to export the server protection list to your local PC.The details of up to 1,000 servers can be exported at a time.",
"product_code":"hss",
"title":"Exporting the Server List",
"uri":"hss_01_0573.html",
"doc_type":"usermanual",
"p_code":"39",
"code":"41"
},
{
"desc":"You can switch the quota edition of a server to the enterprise or premium edition as needed.You can switch to the enterprise or premium edition.Choose Asset ManagementSer",
"product_code":"hss",
"title":"Switching the HSS Quota Edition",
"uri":"hss_01_0174.html",
"doc_type":"usermanual",
"p_code":"39",
"code":"42"
},
{
"desc":"You can quickly configure and start server scans by using policy groups. Simply create a group, add policies to it, and apply this group to servers. The agents deployed o",
"product_code":"hss",
"title":"Deploying a Protection Policy",
"uri":"hss_01_0024.html",
"doc_type":"usermanual",
"p_code":"39",
"code":"43"
},
{
"desc":"To manage servers by group, you can create a server group and add servers to it.You can check the numbers of servers, unsafe servers, and unprotected servers in a group.A",
"product_code":"hss",
"title":"Managing Server Groups",
"uri":"hss_01_0023.html",
"doc_type":"usermanual",
"p_code":"39",
"code":"44"
},
{
"desc":"By default, HSS considers all servers as general assets. You can configure the asset importance levels of servers and manage servers accordingly.Assets are classified int",
"product_code":"hss",
"title":"Servers Importance Management",
"uri":"hss_01_0381.html",
"doc_type":"usermanual",
"p_code":"39",
"code":"45"
},
{
"desc":"You can ignore the servers that do not need to be protected. HSS will neither protect the ignored servers nor synchronize the information changes of the ignored servers.",
"product_code":"hss",
"title":"Ignoring a Server",
"uri":"hss_01_0580.html",
"doc_type":"usermanual",
"p_code":"39",
"code":"46"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Disabling HSS",
"uri":"hss_01_0399.html",
"doc_type":"usermanual",
"p_code":"39",
"code":"47"
},
{
"desc":"You can disable protection for a server. A quota that has been unbound from a server can be bound to another one.Disabling protection does not affect services, but will i",
"product_code":"hss",
"title":"Disabling the Enterprise/Premium Edition",
"uri":"hss_01_0395.html",
"doc_type":"usermanual",
"p_code":"47",
"code":"48"
},
{
"desc":"You can disable the WTP edition for a server. A quota that has been unbound from a server can be bound to another one.Disabling protection does not affect services, but w",
"product_code":"hss",
"title":"Disabling WTP",
"uri":"hss_01_0400.html",
"doc_type":"usermanual",
"p_code":"47",
"code":"49"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Container Management",
"uri":"hss_01_0296.html",
"doc_type":"usermanual",
"p_code":"30",
"code":"50"
},
{
"desc":"The Container Nodes page displays the protection, node, and agent status of containers, helping you learn the node security status in real time.Only Linux servers are sup",
"product_code":"hss",
"title":"Viewing the Container Node Protection Status",
"uri":"hss_01_0293.html",
"doc_type":"usermanual",
"p_code":"50",
"code":"51"
},
{
"desc":"This section describes how to export the container node list to your local PC.You can select multiple container nodes and click Export to export their container details i",
"product_code":"hss",
"title":"Exporting the Container Node List",
"uri":"hss_01_0578.html",
"doc_type":"usermanual",
"p_code":"50",
"code":"52"
},
{
"desc":"You can enable the container security edition for your containers.To enable protection for a container node, you need to allocate a quota to the node. If the protection i",
"product_code":"hss",
"title":"Enabling Container Security Protection",
"uri":"hss_01_0398.html",
"doc_type":"usermanual",
"p_code":"50",
"code":"53"
},
{
"desc":"You can manually scan local images for vulnerabilities and software information and provides scan reports. This section describes how to perform security scans on local i",
"product_code":"hss",
"title":"Managing Local Images",
"uri":"hss_01_0297.html",
"doc_type":"usermanual",
"p_code":"50",
"code":"54"
},
{
"desc":"Images in the private image repository come from SWR images. You can manually scan for and check reports on vulnerabilities, malicious files, software information, file i",
"product_code":"hss",
"title":"Managing SWR Private Images",
"uri":"hss_01_0299.html",
"doc_type":"usermanual",
"p_code":"50",
"code":"55"
},
{
"desc":"The images in the shared image repository are from SWR. You can view details about all shared images.Only the HSS container edition supports this function.Security scans ",
"product_code":"hss",
"title":"Managing SWR Shared Images",
"uri":"hss_01_0088.html",
"doc_type":"usermanual",
"p_code":"50",
"code":"56"
},
{
"desc":"You can manually scan for and check reports on software compliance, base image information, vulnerabilities, malicious files, software information, file information, base",
"product_code":"hss",
"title":"Managing SWR Enterprise Edition Images",
"uri":"hss_01_0581.html",
"doc_type":"usermanual",
"p_code":"50",
"code":"57"
},
{
"desc":"You can view container information on the Containers page to learn about the container status, cluster, and risks. This section describes how to view container informatio",
"product_code":"hss",
"title":"Viewing Container Information",
"uri":"hss_01_0505.html",
"doc_type":"usermanual",
"p_code":"50",
"code":"58"
},
{
"desc":"HSS can detect container security risks and classify them into the following types:Critical: malicious programHigh risk: ransomware attacks, malicious programs, reverse s",
"product_code":"hss",
"title":"Handling Unsafe Containers",
"uri":"hss_01_0506.html",
"doc_type":"usermanual",
"p_code":"50",
"code":"59"
},
{
"desc":"To install the agent for all nodes in a CCE cluster or an on-premises Kubernetes cluster, you can use the cluster agent management function to install the agent in the cl",
"product_code":"hss",
"title":"Installing the Agent in a Cluster",
"uri":"hss_01_0550.html",
"doc_type":"usermanual",
"p_code":"50",
"code":"60"
},
{
"desc":"You can disable the container edition for a server. A quota that has been unbound from a server can be bound to another one.Disabling protection does not affect services,",
"product_code":"hss",
"title":"Disabling Protection for Container Edition",
"uri":"hss_01_0401.html",
"doc_type":"usermanual",
"p_code":"50",
"code":"61"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Prediction",
"uri":"hss_01_0025.html",
"doc_type":"usermanual",
"p_code":"",
"code":"62"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Vulnerability Management",
"uri":"hss_01_0140.html",
"doc_type":"usermanual",
"p_code":"62",
"code":"63"
},
{
"desc":"Vulnerability management can detect Linux, Windows, Web-CMS, application vulnerabilities, and emergency vulnerabilities and provide suggestions, helping you learn about s",
"product_code":"hss",
"title":"Vulnerability Management Overview",
"uri":"hss_01_0302.html",
"doc_type":"usermanual",
"p_code":"63",
"code":"64"
},
{
"desc":"HSS can scan for Linux, Windows, Web-CMS, application, and emergency vulnerabilities. Automatic, scheduled, and manual scans are supported.Automatic scanBy default, Linux",
"product_code":"hss",
"title":"Vulnerability Scan",
"uri":"hss_01_0412.html",
"doc_type":"usermanual",
"p_code":"63",
"code":"65"
},
{
"desc":"You can view vulnerabilities of your assets on the Vulnerabilities page. The Vulnerabilities page contains two tabs: Vulnerabilities view and Server view, helping you ana",
"product_code":"hss",
"title":"Viewing Vulnerability Details",
"uri":"hss_01_0063.html",
"doc_type":"usermanual",
"p_code":"63",
"code":"66"
},
{
"desc":"You can refer to this section to export the vulnerability list.The Server Status is Running, Agent Status is Online, and Protection Status is Protected. For details, see ",
"product_code":"hss",
"title":"Exporting the Vulnerability List",
"uri":"hss_01_0574.html",
"doc_type":"usermanual",
"p_code":"63",
"code":"67"
},
{
"desc":"If HSS detects a vulnerability on a server, you need to handle the vulnerability in a timely manner based on its severity and your business conditions to prevent the vuln",
"product_code":"hss",
"title":"Handling Vulnerabilities",
"uri":"hss_01_0141.html",
"doc_type":"usermanual",
"p_code":"63",
"code":"68"
},
{
"desc":"If you evaluate that some vulnerabilities do not affect your services and do not want to view the vulnerabilities in the vulnerability list, you can whitelist the vulnera",
"product_code":"hss",
"title":"Managing the Vulnerability Whitelist",
"uri":"hss_01_0509.html",
"doc_type":"usermanual",
"p_code":"63",
"code":"69"
},
{
"desc":"For vulnerabilities that have been handled, you can refer to this section to view the vulnerability handling history (handler and handling time).Viewing the vulnerability",
"product_code":"hss",
"title":"Viewing Vulnerability Handling History",
"uri":"hss_01_0503.html",
"doc_type":"usermanual",
"p_code":"63",
"code":"70"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Baseline Inspection",
"uri":"hss_01_0145.html",
"doc_type":"usermanual",
"p_code":"62",
"code":"71"
},
{
"desc":"Baseline Inspection includes password complexity policy detection, common weak password detection, and configuration check. It can detect insecure password configurations",
"product_code":"hss",
"title":"Baseline Inspection Overview",
"uri":"hss_01_0303.html",
"doc_type":"usermanual",
"p_code":"71",
"code":"72"
},
{
"desc":"The baseline check supports automatic and manual baseline checks.Automatic baseline check: checks server configurations and common weak passwords.Manual baseline check: T",
"product_code":"hss",
"title":"Performing Baseline Inspection",
"uri":"hss_01_0146.html",
"doc_type":"usermanual",
"p_code":"71",
"code":"73"
},
{
"desc":"This topic provides suggestions on how to fix baseline configuration risks on the server.Only enterprise edition, premium edition, web tamper protection edition, and cont",
"product_code":"hss",
"title":"Viewing and Processing Baseline Check Results",
"uri":"hss_01_0147.html",
"doc_type":"usermanual",
"p_code":"71",
"code":"74"
},
{
"desc":"This section describes how to export a baseline check report.Only enterprise edition, premium edition, web tamper protection edition, and container edition are supported.",
"product_code":"hss",
"title":"Exporting the Baseline Check Report",
"uri":"hss_01_0597.html",
"doc_type":"usermanual",
"p_code":"71",
"code":"75"
},
{
"desc":"This section describes how to modify a created manual baseline check policy.If you select Linux for OS, you can select any checks included in Baseline and edit rules. Thi",
"product_code":"hss",
"title":"Managing Manual Baseline Check Policies",
"uri":"hss_01_0393.html",
"doc_type":"usermanual",
"p_code":"71",
"code":"76"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Container Image Security",
"uri":"hss_01_0304.html",
"doc_type":"usermanual",
"p_code":"62",
"code":"77"
},
{
"desc":"This section describes how to view SWR image repository vulnerabilities and fix the vulnerabilities as prompted.Container node protection has been enabled.Only vulnerabil",
"product_code":"hss",
"title":"Viewing SWR Image Repository Vulnerabilities",
"uri":"hss_01_0305.html",
"doc_type":"usermanual",
"p_code":"77",
"code":"78"
},
{
"desc":"Malicious files in the private images can be automatically detected, helping you discover and eliminate the security threats in your assets.A comprehensive check is autom",
"product_code":"hss",
"title":"Viewing Malicious File Detection Results in Images",
"uri":"hss_01_0306.html",
"doc_type":"usermanual",
"p_code":"77",
"code":"79"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Proactive Defense",
"uri":"hss_01_0142.html",
"doc_type":"usermanual",
"p_code":"",
"code":"80"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Application Protection",
"uri":"hss_01_0388.html",
"doc_type":"usermanual",
"p_code":"80",
"code":"81"
},
{
"desc":"To protect Java applications on Linux servers, enable application protection for the servers. HSS will install the RASP plug-in on the servers, and you will need to confi",
"product_code":"hss",
"title":"Enabling Application Protection",
"uri":"hss_01_0390.html",
"doc_type":"usermanual",
"p_code":"81",
"code":"82"
},
{
"desc":"After application protection is enabled, you can view the protection status and events on the Application Protection page. You can analyze the events and harden your appl",
"product_code":"hss",
"title":"Viewing Application Protection",
"uri":"hss_01_0389.html",
"doc_type":"usermanual",
"p_code":"81",
"code":"83"
},
{
"desc":"Application protection policies can be added, edited, and deleted in the following scenarios:Addition: HSS provides a default policy, which contains all the detection rul",
"product_code":"hss",
"title":"Managing Application Protection Policies",
"uri":"hss_01_0459.html",
"doc_type":"usermanual",
"p_code":"81",
"code":"84"
},
{
"desc":"You can disable application protection if it is no longer needed.If your servers are managed by enterprise projects, you can select an enterprise project to view or opera",
"product_code":"hss",
"title":"Disabling Application Protection",
"uri":"hss_01_0392.html",
"doc_type":"usermanual",
"p_code":"81",
"code":"85"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"WTP",
"uri":"hss_01_0153.html",
"doc_type":"usermanual",
"p_code":"80",
"code":"86"
},
{
"desc":"WTP monitors website directories in real time, backs up files, and restores tampered files using the backup, protecting websites from Trojans, illegal links, and tamperin",
"product_code":"hss",
"title":"Adding a Protected Directory",
"uri":"hss_01_0216.html",
"doc_type":"usermanual",
"p_code":"86",
"code":"87"
},
{
"desc":"After a remote backup server is configured, if a file in a protected directory is changed, HSS will back up the updated file. By default, HSS backs up files in the protec",
"product_code":"hss",
"title":"Configuring Remote Backup",
"uri":"hss_01_0106.html",
"doc_type":"usermanual",
"p_code":"86",
"code":"88"
},
{
"desc":"Dynamic WTP protects your web pages while Tomcat applications are running, and can detect tampering of dynamic data, such as database data. It can be enabled with static ",
"product_code":"hss",
"title":"Enabling Dynamic WTP",
"uri":"hss_01_0218.html",
"doc_type":"usermanual",
"p_code":"86",
"code":"89"
},
{
"desc":"Once static WTP is enabled, the HSS service will comprehensively check protected directories you specified. You can check records about detected tampering of host protect",
"product_code":"hss",
"title":"Viewing WTP Events",
"uri":"hss_01_0087.html",
"doc_type":"usermanual",
"p_code":"86",
"code":"90"
},
{
"desc":"If WTP is enabled, the content in the protected directories is read-only. To allow certain processes to modify files in the directories, add them to the privileged proces",
"product_code":"hss",
"title":"Adding a Privileged Process",
"uri":"hss_01_0466.html",
"doc_type":"usermanual",
"p_code":"86",
"code":"91"
},
{
"desc":"You can schedule WTP protection to allow website updates in specific periods.Exercise caution when you set the periods to disable WTP, because files will not be protected",
"product_code":"hss",
"title":"Enabling/Disabling Scheduled Static WTP",
"uri":"hss_01_0217.html",
"doc_type":"usermanual",
"p_code":"86",
"code":"92"
},
{
"desc":"Once WTP is enabled, HSS will comprehensively check protected directories you specified. You can check records about detected tampering attacks.Agent Status of the server",
"product_code":"hss",
"title":"Viewing WTP Reports",
"uri":"hss_01_0576.html",
"doc_type":"usermanual",
"p_code":"86",
"code":"93"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Ransomware Prevention",
"uri":"hss_01_0346.html",
"doc_type":"usermanual",
"p_code":"80",
"code":"94"
},
{
"desc":"Ransomware is one of the biggest cybersecurity threats today. Ransomware can intrude a server, encrypt data, and ask for ransom, causing service interruption, data leakag",
"product_code":"hss",
"title":"Enabling Ransomware Prevention",
"uri":"hss_01_0348.html",
"doc_type":"usermanual",
"p_code":"94",
"code":"95"
},
{
"desc":"To enhance defense and reduce service loss caused by ransomware attacks, you are advised to periodically back up data on servers.If your servers are managed by enterprise",
"product_code":"hss",
"title":"Enabling Backup",
"uri":"hss_01_0562.html",
"doc_type":"usermanual",
"p_code":"94",
"code":"96"
},
{
"desc":"After ransomware protection is enabled, if a ransomware attack event occurs on the server, the event will be recorded and displayed in the ransomware event list. You can ",
"product_code":"hss",
"title":"Viewing Ransomware Protection",
"uri":"hss_01_0347.html",
"doc_type":"usermanual",
"p_code":"94",
"code":"97"
},
{
"desc":"You can use predefined policies, modify ransomware prevention policies, or change the policy associated with a server.Currently, you can create a ransomware prevention po",
"product_code":"hss",
"title":"Managing Ransomware Prevention Policies",
"uri":"hss_01_0349.html",
"doc_type":"usermanual",
"p_code":"94",
"code":"98"
},
{
"desc":"If your server is attacked by ransomware, you can use the backup to restore the server data to minimize the loss. Before using the backup data to restore the service data",
"product_code":"hss",
"title":"Restoring Server Data",
"uri":"hss_01_0575.html",
"doc_type":"usermanual",
"p_code":"94",
"code":"99"
},
{
"desc":"After ransomware backup is enabled, the backup vault periodically backs up your servers based on the backup policy. You can expand the vault capacity or modify the backup",
"product_code":"hss",
"title":"Managing Server Backup",
"uri":"hss_01_0492.html",
"doc_type":"usermanual",
"p_code":"94",
"code":"100"
},
{
"desc":"You can disable ransomware protection as needed. After protection is disabled, your server may be intruded by ransomware. Exercise caution when performing this operation.",
"product_code":"hss",
"title":"Disabling Ransomware Prevention",
"uri":"hss_01_0350.html",
"doc_type":"usermanual",
"p_code":"94",
"code":"101"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Application Process Control",
"uri":"hss_01_0530.html",
"doc_type":"usermanual",
"p_code":"80",
"code":"102"
},
{
"desc":"HSS can learn the characteristics of application processes on servers and manage their running. Suspicious and trusted processes are allowed to run, and alarms are genera",
"product_code":"hss",
"title":"Application Process Control Overview",
"uri":"hss_01_0531.html",
"doc_type":"usermanual",
"p_code":"102",
"code":"103"
},
{
"desc":"Before enabling application process control, you need to create a whitelist policy and configure the HSS learning duration, the way to confirm learning outcomes, the way ",
"product_code":"hss",
"title":"Creating a Whitelist Policy",
"uri":"hss_01_0532.html",
"doc_type":"usermanual",
"p_code":"102",
"code":"104"
},
{
"desc":"After HSS completes learning on the servers associated with a whitelist policy, there may be some suspicious processes with insignificant characteristics that need to be ",
"product_code":"hss",
"title":"Confirming Learning Outcomes",
"uri":"hss_01_0533.html",
"doc_type":"usermanual",
"p_code":"102",
"code":"105"
},
{
"desc":"HSS can control different types of application processes on servers. Suspicious and trusted processes are allowed to run, and alarms are generated for malicious processes",
"product_code":"hss",
"title":"Enabling Application Process Control",
"uri":"hss_01_0534.html",
"doc_type":"usermanual",
"p_code":"102",
"code":"106"
},
{
"desc":"If HSS detects suspicious processes on servers, the processes will be displayed in the suspicious process list but will not trigger alarms. HSS cannot determine whether t",
"product_code":"hss",
"title":"Checking and Handling Suspicious Processes",
"uri":"hss_01_0535.html",
"doc_type":"usermanual",
"p_code":"102",
"code":"107"
},
{
"desc":"After HSS completes learning on the servers associated a policy, if you find the learning outcomes are much fewer than the process fingerprints detected by HSS, or if too",
"product_code":"hss",
"title":"Extending the Process Whitelist",
"uri":"hss_01_0563.html",
"doc_type":"usermanual",
"p_code":"102",
"code":"108"
},
{
"desc":"If you have added trustworthy processes to the whitelist but there are still many false positives reported, you can let HSS start learning again on the servers.",
"product_code":"hss",
"title":"Start Learning on Servers Again",
"uri":"hss_01_0544.html",
"doc_type":"usermanual",
"p_code":"102",
"code":"109"
},
{
"desc":"You can disable application process control for one or multiple servers at a time.Disable protection but retain the application process characteristics learned by HSS.In ",
"product_code":"hss",
"title":"Disabling Application Process Control",
"uri":"hss_01_0542.html",
"doc_type":"usermanual",
"p_code":"102",
"code":"110"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"File Integrity Monitoring",
"uri":"hss_01_0360.html",
"doc_type":"usermanual",
"p_code":"80",
"code":"111"
},
{
"desc":"File integrity management (FIM) monitors key files on Linux servers in real time; records file addition, modification, and deletion; and reports alarms, helping you detec",
"product_code":"hss",
"title":"File Integrity Management Overview",
"uri":"hss_01_0359.html",
"doc_type":"usermanual",
"p_code":"111",
"code":"112"
},
{
"desc":"File integrity monitoring provides change statistics, change types, and file change records, helping you learn about file changes in real time and detect malicious change",
"product_code":"hss",
"title":"Viewing File Change Records",
"uri":"hss_01_0361.html",
"doc_type":"usermanual",
"p_code":"111",
"code":"113"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Virus Scan",
"uri":"hss_01_0582.html",
"doc_type":"usermanual",
"p_code":"80",
"code":"114"
},
{
"desc":"The function uses the virus detection engine to scan virus files on the server. The scanned file types include executable files, compressed files, script files, documents",
"product_code":"hss",
"title":"Virus Scan Overview",
"uri":"hss_01_0583.html",
"doc_type":"usermanual",
"p_code":"114",
"code":"115"
},
{
"desc":"Once a static virus file is started, it may become a malicious process and become a security risk of servers. Therefore, scanning static virus files is important in serve",
"product_code":"hss",
"title":"Scanning for Viruses",
"uri":"hss_01_0584.html",
"doc_type":"usermanual",
"p_code":"114",
"code":"116"
},
{
"desc":"After the virus scanning is complete, the system handles the infected files based on the handling policy selected. The handling policies are as follows:Automatic Handling",
"product_code":"hss",
"title":"Viewing and Handling Viruses",
"uri":"hss_01_0585.html",
"doc_type":"usermanual",
"p_code":"114",
"code":"117"
},
{
"desc":"Isolated files are added to the Isolated Files and cannot harm your server. You can also refer to this section to restore or delete isolated files as required.If you want",
"product_code":"hss",
"title":"Managing Isolated Files",
"uri":"hss_01_0605.html",
"doc_type":"usermanual",
"p_code":"114",
"code":"118"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Dynamic Port Honeypot",
"uri":"hss_01_0598.html",
"doc_type":"usermanual",
"p_code":"80",
"code":"119"
},
{
"desc":"The dynamic port honeypot function is a deception trap. It uses a real port as a bait port to induce attackers to access the network. In the horizontal penetration scenar",
"product_code":"hss",
"title":"Dynamic Port Honeypot Overview",
"uri":"hss_01_0599.html",
"doc_type":"usermanual",
"p_code":"119",
"code":"120"
},
{
"desc":"The dynamic port honeypot function uses a real port as a honeypot port to induce attackers to access the network. Therefore, when enabling dynamic port honeypot protectio",
"product_code":"hss",
"title":"Creating a Protection Policy for a Dynamic Honeypot Port",
"uri":"hss_01_0600.html",
"doc_type":"usermanual",
"p_code":"119",
"code":"121"
},
{
"desc":"By default, the servers that proactively connect to the dynamic honeypot port are compromised intranet servers. Once a suspicious connection behavior is detected, an alar",
"product_code":"hss",
"title":"Viewing and Handling Honeypot Protection Events",
"uri":"hss_01_0601.html",
"doc_type":"usermanual",
"p_code":"119",
"code":"122"
},
{
"desc":"After a policy is created, you can manage the policy based on your protection requirements.Disabling a policy: Disable the dynamic port honeypot function temporarily.Enab",
"product_code":"hss",
"title":"Managing Dynamic Port Honeypot Protection Policies",
"uri":"hss_01_0604.html",
"doc_type":"usermanual",
"p_code":"119",
"code":"123"
},
{
"desc":"For servers associated with a protection policy, you can switch the protection policy for servers or unbind the protection policy from the servers.To switch protection po",
"product_code":"hss",
"title":"Managing Associated Servers",
"uri":"hss_01_0606.html",
"doc_type":"usermanual",
"p_code":"119",
"code":"124"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Container Firewalls",
"uri":"hss_01_0621.html",
"doc_type":"usermanual",
"p_code":"80",
"code":"125"
},
{
"desc":"A container firewall controls and intercepts network traffic inside and outside a container cluster to prevent malicious access and attacks.The container firewall is avai",
"product_code":"hss",
"title":"Container Firewall Overview",
"uri":"hss_01_0622.html",
"doc_type":"usermanual",
"p_code":"125",
"code":"126"
},
{
"desc":"You can configure network defense policies to limit the access traffic to the pods in a cluster using the container tunnel network model. If no network policies are confi",
"product_code":"hss",
"title":"Configuring a Network Defense Policy (for a Cluster Using the Container Tunnel Network Model)",
"uri":"hss_01_0623.html",
"doc_type":"usermanual",
"p_code":"125",
"code":"127"
},
{
"desc":"For clusters using the VPC network model, you can configure network defense policies to limit the traffic that accesses the servers where containers are deployed. If no s",
"product_code":"hss",
"title":"Configuring a Network Defense Policy (for a Cluster Using the VPC Tunnel Network Model)",
"uri":"hss_01_0624.html",
"doc_type":"usermanual",
"p_code":"125",
"code":"128"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Container Cluster Protection",
"uri":"hss_01_0629.html",
"doc_type":"usermanual",
"p_code":"80",
"code":"129"
},
{
"desc":"HSS can check for non-compliance baseline issues, vulnerabilities, and malicious files when a container image is started and report alarms on or block container startup t",
"product_code":"hss",
"title":"Container Cluster Protection Overview",
"uri":"hss_01_0630.html",
"doc_type":"usermanual",
"p_code":"129",
"code":"130"
},
{
"desc":"Container cluster protection can detect risks in baselines, vulnerabilities, and malicious files; and can report alarms on or block insecure container images. You can ena",
"product_code":"hss",
"title":"Enabling Container Cluster Protection",
"uri":"hss_01_0631.html",
"doc_type":"usermanual",
"p_code":"129",
"code":"131"
},
{
"desc":"You can configure container cluster protection policies to specify the level of risks (unsafe baselines, vulnerabilities, or malicious files) that trigger alarms, cluster",
"product_code":"hss",
"title":"Configuring a Container Cluster Protection Policy",
"uri":"hss_01_0632.html",
"doc_type":"usermanual",
"p_code":"129",
"code":"132"
},
{
"desc":"HSS detects risks and displays security events in the protection event list. This section describes how to check the events.",
"product_code":"hss",
"title":"Checking Container Cluster Protection Events",
"uri":"hss_01_0633.html",
"doc_type":"usermanual",
"p_code":"129",
"code":"133"
},
{
"desc":"If you no longer need HSS to protect your container clusters, you can disable container cluster protection.To disable protection for clusters in batches, select clusters ",
"product_code":"hss",
"title":"Disabling Container Cluster Protection",
"uri":"hss_01_0634.html",
"doc_type":"usermanual",
"p_code":"129",
"code":"134"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Intrusion Detection",
"uri":"hss_01_0030.html",
"doc_type":"usermanual",
"p_code":"",
"code":"135"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"HSS Alarms",
"uri":"hss_01_0363.html",
"doc_type":"usermanual",
"p_code":"135",
"code":"136"
},
{
"desc":"HSS generates alarms on a range of intrusion events, including brute-force attacks, abnormal process behaviors, web shells, abnormal logins, and malicious processes. You ",
"product_code":"hss",
"title":"Server Alarms",
"uri":"hss_01_0277.html",
"doc_type":"usermanual",
"p_code":"136",
"code":"137"
},
{
"desc":"HSS displays alarm and event statistics and their summary all on one page. You can have a quick overview of alarms, including the numbers of urgent alarms, total alarms, ",
"product_code":"hss",
"title":"Viewing Server Alarms",
"uri":"hss_01_0026.html",
"doc_type":"usermanual",
"p_code":"136",
"code":"138"
},
{
"desc":"The Events page displays the alarms generated in the last 30 days.The status of a handled alarm changes from Unhandled to Handled.To skip the checks on high-risk command ",
"product_code":"hss",
"title":"Handling Server Alarms",
"uri":"hss_01_0413.html",
"doc_type":"usermanual",
"p_code":"136",
"code":"139"
},
{
"desc":"You can export server alarms and events to a local PC.",
"product_code":"hss",
"title":"Exporting Server Alarms",
"uri":"hss_01_0547.html",
"doc_type":"usermanual",
"p_code":"136",
"code":"140"
},
{
"desc":"HSS can isolate detected threat files. Files that have been isolated are displayed on a slide-out panel on the Server Alarms page. You can click Isolated Files on the upp",
"product_code":"hss",
"title":"Managing Isolated Files",
"uri":"hss_01_0331.html",
"doc_type":"usermanual",
"p_code":"136",
"code":"141"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Container Alarms",
"uri":"hss_01_0311.html",
"doc_type":"usermanual",
"p_code":"135",
"code":"142"
},
{
"desc":"After node protection is enabled, an agent is deployed on each container host to monitor the running status of containers in real time. The agents support escape detectio",
"product_code":"hss",
"title":"Container Alarm Events",
"uri":"hss_01_0312.html",
"doc_type":"usermanual",
"p_code":"142",
"code":"143"
},
{
"desc":"HSS displays alarm and event statistics and their summary all on one page. You can have a quick overview of alarms, including the numbers of containers with alarms, handl",
"product_code":"hss",
"title":"Viewing Container Alarms",
"uri":"hss_01_0313.html",
"doc_type":"usermanual",
"p_code":"142",
"code":"144"
},
{
"desc":"HSS displays alarm and event statistics and their summary all on one page. You can have a quick overview of alarms, including the numbers of containers with alarms, handl",
"product_code":"hss",
"title":"Handling Container Alarms",
"uri":"hss_01_0414.html",
"doc_type":"usermanual",
"p_code":"142",
"code":"145"
},
{
"desc":"You can export container alarms and events to a local PC.",
"product_code":"hss",
"title":"Exporting Container Alarms",
"uri":"hss_01_0548.html",
"doc_type":"usermanual",
"p_code":"142",
"code":"146"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Whitelist Management",
"uri":"hss_01_0367.html",
"doc_type":"usermanual",
"p_code":"135",
"code":"147"
},
{
"desc":"You can configure the IP addresses of destination servers, login IP addresses, login usernames, and user behaviors in the Login Whitelist.You can add Login Whitelist in e",
"product_code":"hss",
"title":"Managing Login Whitelist",
"uri":"hss_01_0029.html",
"doc_type":"usermanual",
"p_code":"147",
"code":"148"
},
{
"desc":"You can configure the alarm whitelist to reduce false alarms. Events can be deleted from the whitelist.Whitelisted events will not trigger alarms.On the Alarms page, you ",
"product_code":"hss",
"title":"Managing the Alarm Whitelist",
"uri":"hss_01_0028.html",
"doc_type":"usermanual",
"p_code":"147",
"code":"149"
},
{
"desc":"HSS generates risky account alarms when non-root users are added to the root user group. You can add the trusted non-root users to the system user whitelist. HSS does not",
"product_code":"hss",
"title":"Managing the System User Whitelist",
"uri":"hss_01_0496.html",
"doc_type":"usermanual",
"p_code":"147",
"code":"150"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Security Operations",
"uri":"hss_01_0041.html",
"doc_type":"usermanual",
"p_code":"",
"code":"151"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Policy Management",
"uri":"hss_01_0314.html",
"doc_type":"usermanual",
"p_code":"151",
"code":"152"
},
{
"desc":"HSS comes in multiple editions, including enterprise, premium, WTP, and container editions. They each have a default protection policy group. A policy group is a collecti",
"product_code":"hss",
"title":"Policy Management Overview",
"uri":"hss_01_0045.html",
"doc_type":"usermanual",
"p_code":"152",
"code":"153"
},
{
"desc":"After HSS is enabled, you can configure HSS policies based on your service requirements.The enterprise, premium, WTP, or container edition is enabled.For the default poli",
"product_code":"hss",
"title":"Configuring Policies",
"uri":"hss_01_0044.html",
"doc_type":"usermanual",
"p_code":"152",
"code":"154"
},
{
"desc":"For premium and container editions, you can copy a policy group and customize it as required to meet server security requirements in different application scenarios.If yo",
"product_code":"hss",
"title":"Creating a Custom Policy Group",
"uri":"hss_01_0368.html",
"doc_type":"usermanual",
"p_code":"152",
"code":"155"
},
{
"desc":"Preset policy groups cannot be deleted. You can delete custom policy groups of premium and container editions.After a policy group is deleted, the Policy Group column of ",
"product_code":"hss",
"title":"Deleting a Policy Group",
"uri":"hss_01_0596.html",
"doc_type":"usermanual",
"p_code":"152",
"code":"156"
},
{
"desc":"You can check the handling history of vulnerabilities and alarms, including their handlers and handling time.Viewing the vulnerability handling history of a specified pro",
"product_code":"hss",
"title":"Handling History",
"uri":"hss_01_0508.html",
"doc_type":"usermanual",
"p_code":"151",
"code":"157"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Security Report",
"uri":"hss_01_0552.html",
"doc_type":"usermanual",
"p_code":"",
"code":"158"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Security Report",
"uri":"hss_01_0614.html",
"doc_type":"usermanual",
"p_code":"158",
"code":"159"
},
{
"desc":"If the type and content of the existing report template cannot meet your requirements, you can customize a report.The enterprise, premium, WTP, or container edition is en",
"product_code":"hss",
"title":"Creating a Security Report",
"uri":"hss_01_0615.html",
"doc_type":"usermanual",
"p_code":"159",
"code":"160"
},
{
"desc":"Security reports are generated only after you subscribe to them. This section describes how to subscribe.The enterprise, premium, WTP, or container edition is enabled.A s",
"product_code":"hss",
"title":"Subscribing to a Security Report",
"uri":"hss_01_0616.html",
"doc_type":"usermanual",
"p_code":"159",
"code":"161"
},
{
"desc":"You can check daily, weekly, monthly, and custom reports. The reports show your server security trends and key security events and risks.This section describes how to vie",
"product_code":"hss",
"title":"Checking a Security Report",
"uri":"hss_01_0617.html",
"doc_type":"usermanual",
"p_code":"159",
"code":"162"
},
{
"desc":"You can modify, cancel, or unsubscribe to a report.The enterprise, premium, WTP, or container edition is enabled.You can use default security report templates directly, w",
"product_code":"hss",
"title":"Managing Security Reports",
"uri":"hss_01_0618.html",
"doc_type":"usermanual",
"p_code":"159",
"code":"163"
},
{
"desc":"Servers that are not protected by HSS are scanned for free. A security report on their vulnerabilities, unsafe passwords, and asset risks will be generated.ECSs that are ",
"product_code":"hss",
"title":"Free Scan",
"uri":"hss_01_0619.html",
"doc_type":"usermanual",
"p_code":"158",
"code":"164"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Installation and Configuration",
"uri":"hss_01_0373.html",
"doc_type":"usermanual",
"p_code":"",
"code":"165"
},
{
"desc":"The HSS agent is a piece of software installed on cloud servers to exchange data between the servers and HSS, implementing security detection and protection. If no agent ",
"product_code":"hss",
"title":"Viewing Agent Status",
"uri":"hss_01_0374.html",
"doc_type":"usermanual",
"p_code":"165",
"code":"166"
},
{
"desc":"HSS keeps improving its service capabilities, including but not limited to new features and defect fixes. Please upgrade your agent to the latest version in a timely mann",
"product_code":"hss",
"title":"Upgrading the Agent",
"uri":"hss_01_0462.html",
"doc_type":"usermanual",
"p_code":"165",
"code":"167"
},
{
"desc":"If you no longer need to use HSS, uninstall the agent by following the instructions provided in this section. If the agent is uninstalled, HSS will stop protecting your s",
"product_code":"hss",
"title":"Uninstalling the Agent",
"uri":"hss_01_0376.html",
"doc_type":"usermanual",
"p_code":"165",
"code":"168"
},
{
"desc":"You can add common login locations, common IP addresses, and whitelist IP addresses, and enable malicious program isolation and killing to enhance server security.For det",
"product_code":"hss",
"title":"Security Configurations",
"uri":"hss_01_0385.html",
"doc_type":"usermanual",
"p_code":"165",
"code":"169"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Plug-in Settings",
"uri":"hss_01_0479.html",
"doc_type":"usermanual",
"p_code":"165",
"code":"170"
},
{
"desc":"If container protection is enabled and you want to use the image blocking function, you need to install the Docker plug-in.The Docker plug-in provides the image blocking ",
"product_code":"hss",
"title":"Plug-Ins Overview",
"uri":"hss_01_0491.html",
"doc_type":"usermanual",
"p_code":"170",
"code":"171"
},
{
"desc":"The plug-in configuration page displays the server list and the plug-in information of the servers. If no plug-ins are installed on a server, the corresponding plug-in in",
"product_code":"hss",
"title":"Viewing Plug-in Information",
"uri":"hss_01_0480.html",
"doc_type":"usermanual",
"p_code":"170",
"code":"172"
},
{
"desc":"If container protection is enabled and you want to use the image blocking function, install the Docker plug-in by following the instructions provided in this section.If y",
"product_code":"hss",
"title":"Installing a Plug-in",
"uri":"hss_01_0481.html",
"doc_type":"usermanual",
"p_code":"170",
"code":"173"
},
{
"desc":"Uninstall the Docker plug-in if you do not need to use the image blocking function.If your server has an EIP bound, you can also use a remote management tool, such as PuT",
"product_code":"hss",
"title":"Uninstalling a Plug-in",
"uri":"hss_01_0483.html",
"doc_type":"usermanual",
"p_code":"170",
"code":"174"
},
{
"desc":"Cloud Trace Service (CTS) records all operations on HSS, including requests initiated from the management console or open APIs and responses to the requests, for tenants ",
"product_code":"hss",
"title":"HSS Operations Supported by CTS",
"uri":"hss_01_0071.html",
"doc_type":"usermanual",
"p_code":"",
"code":"175"
},
{
"desc":"After you enable CTS and the management tracker is created, CTS starts recording operations on cloud resources. Cloud Trace Service (CTS) stores operation records (traces",
"product_code":"hss",
"title":"Viewing CTS Traces in the Trace List",
"uri":"hss_01_0603.html",
"doc_type":"usermanual",
"p_code":"",
"code":"176"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"FAQs",
"uri":"hss_01_0032.html",
"doc_type":"usermanual",
"p_code":"",
"code":"177"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"About HSS",
"uri":"hss_01_0258.html",
"doc_type":"usermanual",
"p_code":"177",
"code":"178"
},
{
"desc":"Host Security Service (HSS) helps you identify and manage the assets on your servers, eliminate risks, and defend against intrusions and web page tampering. There are als",
"product_code":"hss",
"title":"What Is Host Security?",
"uri":"hss_01_0033.html",
"doc_type":"usermanual",
"p_code":"178",
"code":"179"
},
{
"desc":"Container Security Service (CGS) scans vulnerabilities and configuration information in images, helping enterprises detect container risks that cannot be found using conv",
"product_code":"hss",
"title":"What Is Container Security?",
"uri":"hss_01_0318.html",
"doc_type":"usermanual",
"p_code":"178",
"code":"180"
},
{
"desc":"Web Tamper Protection (WTP) monitors website directories in real time, backs up files, and restores tampered files using the backup. WTP protects your websites from Troja",
"product_code":"hss",
"title":"What Is Web Tamper Protection?",
"uri":"hss_01_0319.html",
"doc_type":"usermanual",
"p_code":"178",
"code":"181"
},
{
"desc":"An image is a special file system. It provides programs, libraries, resources, configuration files and other files required for a running container. An image also contain",
"product_code":"hss",
"title":"What Are the Relationships Between Images, Containers, and Applications?",
"uri":"hss_01_0320.html",
"doc_type":"usermanual",
"p_code":"178",
"code":"182"
},
{
"desc":"HSS and Web Application Firewall (WAF) are provided by the cloud platform to help you defend servers, websites, and web applications against risks and threats, improving ",
"product_code":"hss",
"title":"What Are the Differences Between HSS and WAF?",
"uri":"hss_01_0161.html",
"doc_type":"usermanual",
"p_code":"178",
"code":"183"
},
{
"desc":"The HSS agent is used to scan all servers and containers, monitor their status in real time, and collect their information and report to the cloud protection center.The a",
"product_code":"hss",
"title":"What Is the HSS Agent?",
"uri":"hss_01_0245.html",
"doc_type":"usermanual",
"p_code":"178",
"code":"184"
},
{
"desc":"HSS can detect intrusion threats, such as malicious programs and ransomware.HSS allows you to manually isolate and kill malicious processes and abnormal process behaviors",
"product_code":"hss",
"title":"Can HSS Automatically Detect and Remove Viruses?",
"uri":"hss_01_0564.html",
"doc_type":"usermanual",
"p_code":"178",
"code":"185"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Agent",
"uri":"hss_01_0321.html",
"doc_type":"usermanual",
"p_code":"177",
"code":"186"
},
{
"desc":"Yes, it may be in conflict with DenyHosts.Symptom: The IP address of the login server is identified as an attack IP address and blocked by HSS. After the IP address is un",
"product_code":"hss",
"title":"Is the Agent in Conflict with Any Other Security Software?",
"uri":"hss_01_0037.html",
"doc_type":"usermanual",
"p_code":"186",
"code":"187"
},
{
"desc":"Two uninstallation methods are available: one-click uninstallation and manual local uninstallation.The agent was installed using an incorrect package and you need to unin",
"product_code":"hss",
"title":"How Do I Uninstall the Agent?",
"uri":"hss_01_0119.html",
"doc_type":"usermanual",
"p_code":"186",
"code":"188"
},
{
"desc":"If this is the first time you install the agent, and the installation failed, rectify the fault by following the instructions provided in this section.The agent fails to ",
"product_code":"hss",
"title":"What Should I Do If Agent Installation Failed?",
"uri":"hss_01_0069.html",
"doc_type":"usermanual",
"p_code":"186",
"code":"189"
},
{
"desc":"Your agent is probably abnormal if it is in Not installed or Offline state. Agent statuses and their meaning are as follows:Uninstalled: No agent has been installed on th",
"product_code":"hss",
"title":"How Do I Fix an Abnormal Agent?",
"uri":"hss_01_0036.html",
"doc_type":"usermanual",
"p_code":"186",
"code":"190"
},
{
"desc":"The agent installation paths on servers running the Linux or Windows OS cannot be customized. Table 1 describes the default paths.",
"product_code":"hss",
"title":"What Is the Default Agent Installation Path?",
"uri":"hss_01_0096.html",
"doc_type":"usermanual",
"p_code":"186",
"code":"191"
},
{
"desc":"HSS uses lightweight agents, which occupy only a few resources and do not affect your services.The CPU and memory usage is as follows.A running agent occupies a maximum o",
"product_code":"hss",
"title":"How Many CPU and Memory Resources Are Occupied by the Agent When It Performs Scans?",
"uri":"hss_01_0116.html",
"doc_type":"usermanual",
"p_code":"186",
"code":"192"
},
{
"desc":"Yes. All HSS editions can use the same agent installed on a server.",
"product_code":"hss",
"title":"Do Different HSS Editions Share the Same Agent?",
"uri":"hss_01_0195.html",
"doc_type":"usermanual",
"p_code":"186",
"code":"193"
},
{
"desc":"Possible agent statuses are:Not installed: The agent has not been installed or successfully started.Online: The agent is running properly.Offline: The communication betwe",
"product_code":"hss",
"title":"How Do I View Servers Where No Agents Have Been Installed?",
"uri":"hss_01_0007.html",
"doc_type":"usermanual",
"p_code":"186",
"code":"194"
},
{
"desc":"On a server, you only need to install the agent once.After the installation, you are advised to restart the servers before enabling HSS and binding quotas.Now both the HS",
"product_code":"hss",
"title":"What Can I Do If the Agent Status Is Still \"Not installed\" After Installation?",
"uri":"hss_01_0394.html",
"doc_type":"usermanual",
"p_code":"186",
"code":"195"
},
{
"desc":"Servers are displayed on both the old and new console of HSS, regardless of whether their agents have been upgraded. The server statuses are properly displayed on the con",
"product_code":"hss",
"title":"What Do I Do If the Upgrade Fails?",
"uri":"hss_01_0409.html",
"doc_type":"usermanual",
"p_code":"186",
"code":"196"
},
{
"desc":"The HSS (Old) can still work properly, until it is completely replaced by the HSS (New) version.In the future, the HSS (New) version will replace the HSS (Old) version, w",
"product_code":"hss",
"title":"What If I Do Not Upgrade to the New Version?",
"uri":"hss_01_0415.html",
"doc_type":"usermanual",
"p_code":"186",
"code":"197"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Vulnerability Management",
"uri":"hss_01_0246.html",
"doc_type":"usermanual",
"p_code":"177",
"code":"198"
},
{
"desc":"Restart the Windows OS after you fix its vulnerabilities.Restart the Linux OS after you fix its kernel vulnerabilities.",
"product_code":"hss",
"title":"How Do I Fix Vulnerabilities?",
"uri":"hss_01_0209.html",
"doc_type":"usermanual",
"p_code":"198",
"code":"199"
},
{
"desc":"Perform the following operations to locate the cause and fix the problems.For more information, see the section \"Handling Vulnerabilities\".No yum sources have been config",
"product_code":"hss",
"title":"What Do I Do If an Alarm Still Exists After I Fixed a Vulnerability?",
"uri":"hss_01_0176.html",
"doc_type":"usermanual",
"p_code":"198",
"code":"200"
},
{
"desc":"The vulnerability list displays vulnerabilities detected in the last seven days. After a vulnerability is detected for a server, if you change the server name and do not ",
"product_code":"hss",
"title":"Why a Server Displayed in Vulnerability Information Does Not Exist?",
"uri":"hss_01_0247.html",
"doc_type":"usermanual",
"p_code":"198",
"code":"201"
},
{
"desc":"After you fixed Windows OS vulnerabilities or Linux kernel vulnerabilities, you need to restart servers for the fix to take effect, or HSS will continue to warn you of th",
"product_code":"hss",
"title":"Do I Need to Restart a Server After Its Vulnerabilities Are Fixed?",
"uri":"hss_01_0114.html",
"doc_type":"usermanual",
"p_code":"198",
"code":"202"
},
{
"desc":"Vulnerabilities are displayed in the vulnerability list only for seven days. You can only check the vulnerabilities that have been fixed in the last seven days.The fix hi",
"product_code":"hss",
"title":"Can I Check the Vulnerability and Baseline Fix History on HSS?",
"uri":"hss_01_0431.html",
"doc_type":"usermanual",
"p_code":"198",
"code":"203"
},
{
"desc":"If Linux or Windows vulnerabilities failed to be fixed on the HSS console, rectify the fault by following the instructions provided in this section.",
"product_code":"hss",
"title":"What Do I Do If Vulnerability Fix Failed?",
"uri":"hss_01_0523.html",
"doc_type":"usermanual",
"p_code":"198",
"code":"204"
},
{
"desc":"During manual vulnerability scanning or batch vulnerability fixing, the following servers cannot be selected:Servers that are not in the Running stateServers whose agent ",
"product_code":"hss",
"title":"Why Can't I Select a Server During Manual Vulnerability Scanning or Batch Vulnerability Fixing?",
"uri":"hss_01_0524.html",
"doc_type":"usermanual",
"p_code":"198",
"code":"205"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Intrusion Detection",
"uri":"hss_01_0164.html",
"doc_type":"usermanual",
"p_code":"177",
"code":"206"
},
{
"desc":"For details about how to view HSS alarms, see \"Viewing Intrusion Alarms\". For details about how to view CGS alarms, see \"Viewing Container Alarms\".You can fix vulnerabili",
"product_code":"hss",
"title":"How Do I View and Handle HSS Alarm Notifications?",
"uri":"hss_01_0244.html",
"doc_type":"usermanual",
"p_code":"206",
"code":"207"
},
{
"desc":"Take immediate measures to contain the attack, preventing miners from occupying CPU or affecting other applications. If a server is intruded by a mining program, the mini",
"product_code":"hss",
"title":"What Do I Do If My Servers Are Subjected to a Mining Attack?",
"uri":"hss_01_0206.html",
"doc_type":"usermanual",
"p_code":"206",
"code":"208"
},
{
"desc":"After you add a process to the whitelist, it will no longer trigger certain alarms, but its isolation will not be automatically canceled. If your process is isolated, you",
"product_code":"hss",
"title":"Why a Process Is Still Isolated After It Was Whitelisted?",
"uri":"hss_01_0207.html",
"doc_type":"usermanual",
"p_code":"206",
"code":"209"
},
{
"desc":"Intrusions to your servers before HSS is enabled cannot be detected.If you have applied for HSS, remember to enable it to detect intrusions.Web attacks cannot be detected",
"product_code":"hss",
"title":"Why an Attack Is Not Detected by HSS?",
"uri":"hss_01_0193.html",
"doc_type":"usermanual",
"p_code":"206",
"code":"210"
},
{
"desc":"Whether you can unblock an IP address depends on why it was blocked. An IP address will be blocked if it is regarded as the source of a brute-force attack, listed in the ",
"product_code":"hss",
"title":"Can I Unblock an IP Address Blocked by HSS, and How?",
"uri":"hss_01_0013.html",
"doc_type":"usermanual",
"p_code":"206",
"code":"211"
},
{
"desc":"If a blocked IP address does not perform brute-force attacks in the next 12 hours, the IP address will be automatically unblocked.",
"product_code":"hss",
"title":"Why a Blocked IP Address Is Automatically Unblocked?",
"uri":"hss_01_0204.html",
"doc_type":"usermanual",
"p_code":"206",
"code":"212"
},
{
"desc":"Detection period: real-time detectionIsolation and killing period:If you have enabled automatic isolation and killing, the system will scan and kill viruses in real time.",
"product_code":"hss",
"title":"How Often Is Malware Scan and Removal?",
"uri":"hss_01_0427.html",
"doc_type":"usermanual",
"p_code":"206",
"code":"213"
},
{
"desc":"Check whether the blocked IP address is a malicious IP address or a normal one.If it is normal, add it to the whitelist.If it is malicious, no further operations are requ",
"product_code":"hss",
"title":"What Do I Do If an IP Address Is Blocked by HSS?",
"uri":"hss_01_0429.html",
"doc_type":"usermanual",
"p_code":"206",
"code":"214"
},
{
"desc":"Generally, ransomware is spread through Trojan implantation, emails, files, vulnerabilities, bundles, and storage media.To defend against ransomware intrusions, prevent b",
"product_code":"hss",
"title":"How Do I Defend Against Ransomware Attacks?",
"uri":"hss_01_0430.html",
"doc_type":"usermanual",
"p_code":"206",
"code":"215"
},
{
"desc":"If you run commands related to normal services on the server, HSS generates high-risk command execution alarms. You can add a whitelist to prevent the alarm.To add a comm",
"product_code":"hss",
"title":"How Do I Add High-risk Command Execution Alarms to the Whitelist?",
"uri":"hss_01_0595.html",
"doc_type":"usermanual",
"p_code":"206",
"code":"216"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Abnormal Logins",
"uri":"hss_01_0188.html",
"doc_type":"usermanual",
"p_code":"177",
"code":"217"
},
{
"desc":"Even whitelisted IP addresses can certain trigger alarms. The SSH login IP address whitelist, Login Whitelist, and remote login functions focus on different aspects of se",
"product_code":"hss",
"title":"Why Do I Still Receive Remote Login Alarms After Configuring the Login IP Whitelist?",
"uri":"hss_01_0189.html",
"doc_type":"usermanual",
"p_code":"217",
"code":"218"
},
{
"desc":"The remote login detection function checks for remote logins into your servers in real time. HSS generates an alarm if it detects logins from locations other than the com",
"product_code":"hss",
"title":"How Do I Check the User IP address of a Remote Login?",
"uri":"hss_01_0091.html",
"doc_type":"usermanual",
"p_code":"217",
"code":"219"
},
{
"desc":"If you select Successful Logins in the Real-Time Alarm Notifications area, HSS will send alarms when detecting any successful logins.If all the accounts on your ECSs are ",
"product_code":"hss",
"title":"How Do I Cancel the Alarm Notifications of Successful Server Logins?",
"uri":"hss_01_0113.html",
"doc_type":"usermanual",
"p_code":"217",
"code":"220"
},
{
"desc":"No.If you do not want to receive remote login alarm notifications, add alarmed locations as common login locations, or deselect the remote login attempt item in alarm not",
"product_code":"hss",
"title":"Can I Disable Remote Login Detection?",
"uri":"hss_01_0120.html",
"doc_type":"usermanual",
"p_code":"217",
"code":"221"
},
{
"desc":"If you have enabled alarm notifications for intrusion detection, you will be notified immediately when an account is cracked or may be cracked.You can also check whether ",
"product_code":"hss",
"title":"How Do I Know Whether an Intrusion Succeeded?",
"uri":"hss_01_0192.html",
"doc_type":"usermanual",
"p_code":"217",
"code":"222"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Brute-force Attack Defense",
"uri":"hss_01_0038.html",
"doc_type":"usermanual",
"p_code":"177",
"code":"223"
},
{
"desc":"HSS can detect the following types of brute force attacks:Windows: SQL Server (automated blocking is not supported) and RDPLinux: MySQL, vfstpd, and SSHIf MySQL, vfstpd, ",
"product_code":"hss",
"title":"How Does HSS Intercept Brute Force Attacks?",
"uri":"hss_01_0008.html",
"doc_type":"usermanual",
"p_code":"223",
"code":"224"
},
{
"desc":"If a brute-force attack succeeded, take immediate measures to prevent attackers from further actions, such as breaching data, performing DDoS attacks, or implanting ranso",
"product_code":"hss",
"title":"How Do I Handle a Brute-force Attack Alarm?",
"uri":"hss_01_0183.html",
"doc_type":"usermanual",
"p_code":"223",
"code":"225"
},
{
"desc":"Intruders who cracked server accounts can exploit permissions to steal or tamper with data on servers, interrupting enterprise services and causing great loss.Configure t",
"product_code":"hss",
"title":"How Do I Defend Against Brute-force Attacks?",
"uri":"hss_01_0256.html",
"doc_type":"usermanual",
"p_code":"223",
"code":"226"
},
{
"desc":"HSS will block an IP address if it has five or more brute-force attack attempts detected within 30 seconds, or 15 or more brute-force attack attempts detected within 3600",
"product_code":"hss",
"title":"How Do I Unblock an IP Address?",
"uri":"hss_01_0287.html",
"doc_type":"usermanual",
"p_code":"223",
"code":"227"
},
{
"desc":"An alarm indicates that an attack was detected. It does not mean your cloud servers have been intruded. If you receive an alarm, handle it and take countermeasures in a t",
"product_code":"hss",
"title":"What Do I Do If HSS Frequently Reports Brute-force Alarms?",
"uri":"hss_01_0418.html",
"doc_type":"usermanual",
"p_code":"223",
"code":"228"
},
{
"desc":"The remote port of a server has been changed, but the brute-force attack records still displays the old port.The remote port configuration is synchronized to HSS through ",
"product_code":"hss",
"title":"What Do I Do If the Port in Brute-force Attack Records Is Not Updated?",
"uri":"hss_01_0512.html",
"doc_type":"usermanual",
"p_code":"223",
"code":"229"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Baseline Inspection",
"uri":"hss_01_0165.html",
"doc_type":"usermanual",
"p_code":"177",
"code":"230"
},
{
"desc":"If you have enhanced passwords before disabling the weak password policy, the weak password alarm will not be reported again.If you do not enhance passwords before disabl",
"product_code":"hss",
"title":"Why Are Weak Password Alarms Generated After the Weak Password Detection Policy Is Disabled?",
"uri":"hss_01_0274.html",
"doc_type":"usermanual",
"p_code":"230",
"code":"231"
},
{
"desc":"Your password complexity policy cannot be checked if no pluggable authentication module (PAM) is running on your servers. If PAM is not installed on a server, HSS will pr",
"product_code":"hss",
"title":"How Do I Install a PAM and Set a Proper Password Complexity Policy in a Linux OS?",
"uri":"hss_01_0043.html",
"doc_type":"usermanual",
"p_code":"230",
"code":"232"
},
{
"desc":"A proper password complexity policy would be: eight characters for the length of a password and at least three types of the following characters used: uppercase letters, ",
"product_code":"hss",
"title":"How Do I Set a Proper Password Complexity Policy in a Windows OS?",
"uri":"hss_01_0095.html",
"doc_type":"usermanual",
"p_code":"230",
"code":"233"
},
{
"desc":"HSS automatically performs a configuration detection for servers. You can repair unsafe configuration items or ignore the configuration items you trust based on the detec",
"product_code":"hss",
"title":"How Do I Handle Unsafe Configurations?",
"uri":"hss_01_0198.html",
"doc_type":"usermanual",
"p_code":"230",
"code":"234"
},
{
"desc":"You can view the configuration check details online.",
"product_code":"hss",
"title":"How Do I View Configuration Check Reports?",
"uri":"hss_01_0149.html",
"doc_type":"usermanual",
"p_code":"230",
"code":"235"
},
{
"desc":"Servers using weak passwords are exposed to intrusions. If a weak password alarm is reported, you are advised to change the alarmed password immediately.If simple passwor",
"product_code":"hss",
"title":"How Do I Handle a Weak Password Alarm?",
"uri":"hss_01_0197.html",
"doc_type":"usermanual",
"p_code":"230",
"code":"236"
},
{
"desc":"Comply with the following rules:Use a password with high complexity.The password must meet the following requirements:Contains at least eight characters.Contain at least ",
"product_code":"hss",
"title":"How Do I Set a Secure Password?",
"uri":"hss_01_0166.html",
"doc_type":"usermanual",
"p_code":"230",
"code":"237"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Web Tamper Protection",
"uri":"hss_01_0250.html",
"doc_type":"usermanual",
"p_code":"177",
"code":"238"
},
{
"desc":"WTP protects files in directories. If no directories are specified, WTP cannot take effect even if it is enabled.",
"product_code":"hss",
"title":"Why Do I Need to Add a Protected Directory?",
"uri":"hss_01_0199.html",
"doc_type":"usermanual",
"p_code":"238",
"code":"239"
},
{
"desc":"If you need to modify files in the protected directory, stop protection for the protected directory first.After the files are modified, resume protection for the director",
"product_code":"hss",
"title":"How Do I Modify a Protected Directory?",
"uri":"hss_01_0185.html",
"doc_type":"usermanual",
"p_code":"238",
"code":"240"
},
{
"desc":"The causes of this problem vary by scenarios.SymptomThe agent status is Offline or Not installed in the server list on the Web Tamper Protection page.The agent status is ",
"product_code":"hss",
"title":"What Should I Do If WTP Cannot Be Enabled?",
"uri":"hss_01_0202.html",
"doc_type":"usermanual",
"p_code":"238",
"code":"241"
},
{
"desc":"Protected directories are read-only. To modify files or update the website, perform any of the following operations.Disable WTP while you modify files in protected direct",
"product_code":"hss",
"title":"How Do I Modify a File After WTP Is Enabled?",
"uri":"hss_01_0255.html",
"doc_type":"usermanual",
"p_code":"238",
"code":"242"
},
{
"desc":"Dynamic WTP protects your Tomcat applications.For this function to take effect, ensure that:There are Tomcat applications running on your servers.Your servers run the Lin",
"product_code":"hss",
"title":"What Can I Do If I Enabled Dynamic WTP But Its Status Is Enabled but not in effect?",
"uri":"hss_01_0014.html",
"doc_type":"usermanual",
"p_code":"238",
"code":"243"
},
{
"desc":"The web tamper protection function of HSS monitors website directories in real time, backs up files, and restores tampered files using the backup, protecting websites fro",
"product_code":"hss",
"title":"What Are the Differences Between the Web Tamper Protection Functions of HSS and WAF?",
"uri":"hss_01_0017.html",
"doc_type":"usermanual",
"p_code":"238",
"code":"244"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Container Security",
"uri":"hss_01_0323.html",
"doc_type":"usermanual",
"p_code":"177",
"code":"245"
},
{
"desc":"Disabling protection does not affect services, but will increase security risks. You are advised to keep your servers protected.If your servers are managed by enterprise ",
"product_code":"hss",
"title":"How Do I Disable Node Protection?",
"uri":"hss_01_0325.html",
"doc_type":"usermanual",
"p_code":"245",
"code":"246"
},
{
"desc":"When you enable node protection, the system automatically installs the CGS plug-in on the node.An HSS quota protects one cluster node.",
"product_code":"hss",
"title":"How Do I Enable Node Protection?",
"uri":"hss_01_0324.html",
"doc_type":"usermanual",
"p_code":"245",
"code":"247"
},
{
"desc":"If the cluster network is abnormal or the plug-in is running, uninstalling the plug-in on the HSS console may fail.Perform the following operations on any cluster node to",
"product_code":"hss",
"title":"What Do I Do If the Container Cluster Protection Plug-in Fails to Be Uninstalled?",
"uri":"hss_01_0549.html",
"doc_type":"usermanual",
"p_code":"245",
"code":"248"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Ransomware Prevention",
"uri":"hss_01_0404.html",
"doc_type":"usermanual",
"p_code":"177",
"code":"249"
},
{
"desc":"The backup mechanism of ransomware protection inherits that of CBR (Cloud Backup and Restoration). Backup files of ransomware protection can be centrally managed and view",
"product_code":"hss",
"title":"What Are the Differences Between Ransomware Protection Backup and Cloud Backup?",
"uri":"hss_01_0405.html",
"doc_type":"usermanual",
"p_code":"249",
"code":"250"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Security Configurations",
"uri":"hss_01_0426.html",
"doc_type":"usermanual",
"p_code":"177",
"code":"251"
},
{
"desc":"You can disable or delete the SSH login IP address whitelist.",
"product_code":"hss",
"title":"How Do I Clear the SSH Login IP Address Whitelist Configured in HSS?",
"uri":"hss_01_0435.html",
"doc_type":"usermanual",
"p_code":"251",
"code":"252"
},
{
"desc":"You can log in to a server via the console but not via SSH.A server will be blocked if it is regarded as a suspicious server performing brute-force attacks (for example, ",
"product_code":"hss",
"title":"What Can I Do If I Cannot Remotely Log In to a Server via SSH?",
"uri":"hss_01_0436.html",
"doc_type":"usermanual",
"p_code":"251",
"code":"253"
},
{
"desc":"This FAQ shows you how to use 2FA.Logging in to a Linux serverUse PuTTY or Xshell to log in to your server.Select Keyboard Interactive and enter the user identity informa",
"product_code":"hss",
"title":"How Do I Use 2FA?",
"uri":"hss_01_0437.html",
"doc_type":"usermanual",
"p_code":"251",
"code":"254"
},
{
"desc":"The two-factor authentication function does not take effect immediately after being enabled.Wait for 5 minutes and try again.Wait for 5 minutes and try again.To enable tw",
"product_code":"hss",
"title":"Why Can't I Receive a Verification Code After 2FA Is Enabled?",
"uri":"hss_01_0439.html",
"doc_type":"usermanual",
"p_code":"251",
"code":"255"
},
{
"desc":"The login failed probably because file configurations or the login mode was incorrect.Check whether the configuration file is correct.Configuration file path: /etc/ssh/ss",
"product_code":"hss",
"title":"Why Does My Login Fail After I Enable 2FA?",
"uri":"hss_01_0440.html",
"doc_type":"usermanual",
"p_code":"251",
"code":"256"
},
{
"desc":"You can set your mobile phone number only if you have selected SMS/Email for Method. Set your mobile phone number in the SMN topic you choose.In the SMN Topic drop-down l",
"product_code":"hss",
"title":"How Do I Add a Mobile Number or Email Address for 2FA?",
"uri":"hss_01_0441.html",
"doc_type":"usermanual",
"p_code":"251",
"code":"257"
},
{
"desc":"If you do not want to receive certain HSS alarm notifications after HSS is enabled, you can disable the notification items. After it is disabled, you have to log in to th",
"product_code":"hss",
"title":"How Do I Modify Alarm Notification Items?",
"uri":"hss_01_0447.html",
"doc_type":"usermanual",
"p_code":"251",
"code":"258"
},
{
"desc":"Security-Enhanced Linux (SELinux) is a kernel module and security subsystem of Linux.SELinux minimizes the resources that can be accessed by service processes in the syst",
"product_code":"hss",
"title":"How Do I Disable the SELinux Firewall?",
"uri":"hss_01_0472.html",
"doc_type":"usermanual",
"p_code":"251",
"code":"259"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Others",
"uri":"hss_01_0101.html",
"doc_type":"usermanual",
"p_code":"177",
"code":"260"
},
{
"desc":"To use the Windows remote connection tool to connect to a Windows server, perform the following steps:",
"product_code":"hss",
"title":"How Do I Use the Windows Remote Desktop Connection Tool to Connect to a Windows Server?",
"uri":"hss_01_0269.html",
"doc_type":"usermanual",
"p_code":"260",
"code":"261"
},
{
"desc":"The following table describes log files and their paths.",
"product_code":"hss",
"title":"How Do I Check HSS Log Files?",
"uri":"hss_01_0099.html",
"doc_type":"usermanual",
"p_code":"260",
"code":"262"
},
{
"desc":"The account hacking prevention function for Linux supports MySQL 5.6 and 5.7. Perform the following steps to enable logging for login failure:show global variables like '",
"product_code":"hss",
"title":"How Do I Enable Logging for Login Failures?",
"uri":"hss_01_0103.html",
"doc_type":"usermanual",
"p_code":"260",
"code":"263"
},
{
"desc":"If you are sure the changes on your critical files are safe, you do not need to handle the alarm. It will be automatically cleared in seven days.",
"product_code":"hss",
"title":"How Do I Clear an Alarm on Critical File Changes?",
"uri":"hss_01_0117.html",
"doc_type":"usermanual",
"p_code":"260",
"code":"264"
},
{
"desc":"HSS self-protection protect HSS files, processes, and software from malicious programs, which may uninstall HSS agents, tamper with HSS files, or stop HSS processes.HSS s",
"product_code":"hss",
"title":"How Do I Enable or Disable HSS Self-protection?",
"uri":"hss_01_0511.html",
"doc_type":"usermanual",
"p_code":"260",
"code":"265"
},
{
"desc":"If the server network is disconnected, agents cannot receive the command for disabling self-protection delivered by the HSS console. Therefore, HSS self-protection cannot",
"product_code":"hss",
"title":"What Do I Do If Self-Protection Cannot Be Disabled?",
"uri":"hss_01_0504.html",
"doc_type":"usermanual",
"p_code":"260",
"code":"266"
},
{
"desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.",
"product_code":"hss",
"title":"Change History",
"uri":"hss_01_0417.html",
"doc_type":"usermanual",
"p_code":"",
"code":"267"
}
]
View Git Blame Copy Permalink