yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
Files
fix_python
doc-exports/docs/hss/umn/hss_01_0383.html
qiaoli 8ac860f1c4 HSS UMN 20240730 version 
Reviewed-by: Rogal, Marcel <mrogal@noreply.gitea.eco.tsi-dev.otc-service.com>
Co-authored-by: qiaoli <qiaoli@huawei.com>
Co-committed-by: qiaoli <qiaoli@huawei.com>
2024-12-19 12:07:54 +00:00

6.3 KiB
Raw Permalink Blame History

Viewing Server Asset Fingerprints

HSS can collect server asset fingerprints, including information about ports, processes, web applications, web services, web frameworks, and auto-started items. You can centrally check server asset information and detect risky assets in a timely manner based on the server fingerprints.

This section describes how to view the collected server asset fingerprints on the console. For more information, see Collecting Server Asset Fingerprints.

Viewing Asset Information of All Servers

  1. Log in to the management console.
  2. Click in the upper left corner of the page, select a region, and choose Security > Host Security Service. The HSS page is displayed.
  3. Choose Asset Management > Server Fingerprints to view all server assets.

    If your servers are managed by enterprise projects, you can select the target enterprise project to view or operate the asset and detection information.

    Figure 1 Viewing server asset information

  4. Click a fingerprint type in the list to view the asset information.
  5. (Optional) Remove risky assets.

    If you find unsafe assets after counting, remove them in a timely manner.

    You are advised to handle unsafe ports as follows:

    • If HSS detects open high-risk ports or unused ports, check whether they are really used by your services. If they are not, disable them. For dangerous ports, you are advised to further check their program files, and delete or isolate their source files if necessary.
    • If a detected high-risk port is actually a normal port used for services, you can ignore it. Ignored alarms will neither be recorded as unsafe items and nor trigger alarms.

Viewing Asset Information of a Single Server

  1. Log in to the management console.
  2. Click in the upper left corner of the page, select a region, and choose Security > Host Security Service. The HSS page is displayed.
  3. In the navigation pane, choose Asset Management > Servers & Quota. Click the Servers tab.

    If your servers are managed by enterprise projects, you can select an enterprise project to view or operate the asset and scan information.

  4. Click the name of the target server. On the server details page that is displayed, choose Asset Fingerprints > Servers.
  5. Click a fingerprint type in the list to view the asset information.
  6. (Optional) Remove risky assets.

    If you find unsafe assets after counting, remove them in a timely manner.

    You are advised to handle unsafe ports as follows:

    • If HSS detects open high-risk ports or unused ports, check whether they are really used by your services. If they are not, disable them. For dangerous ports, you are advised to further check their program files, and delete or isolate their source files if necessary.
    • If a detected high-risk port is actually a normal port used for services, you can ignore it. Ignored alarms will neither be recorded as unsafe items and nor trigger alarms.

Parent topic: Server Fingerprints