接触指标//www.yyueer.com/indicators/feeds?type=ioe 获取最新接触指标更新 2023年9月4日Mon:21:48GMT https://validator.w3.org/feed/docs/rss2.html 指针 接触指标 //www.yyueer.com/themes/custom/tenable/img/favicons/apple-touch-icon.png //www.yyueer.com/indicators/feeds?type=ioe 版权2023Tenable公司所有权利保留 sysvOL复制配置//www.yyueer.com/indicators/ioe/C-DFS-MISCONFIG //www.yyueer.com/indicators/ioe/C-DFS-MISCONFIG sysvol复制配置

/p> <!//www.yyueer.com/indicators/ioe/C-RANSOMWARE-HARDENING //www.yyueer.com/indicators/ioe/C-RANSOMWARE-HARDENING iumSeverity

<!//www.yyueer.com/indicators/ioe/C-PKI-DANG-ACCESS //www.yyueer.com/indicators/ioe/C-PKI-DANG-ACCESS s/www.yyueer.com/indicats/ioe/ <!//www.yyueer.com/indicators/ioe/C-GPO-EXEC-SANITY //www.yyueer.com/indicators/ioe/C-GPO-EXEC-SANITY ips/www.yyueer.com/c-GPO-EXEC-SANITY <!//www.yyueer.com/indicators/ioe/C-ADMIN-RESTRICT-AUTH //www.yyueer.com/indicators/ioe/C-ADMIN-RESTRICT-AUTH 高微 < h3 > Name

Logon限制特权用户 Description

setlogon协议无保障配置//www.yyueer.com/indicators/ioe/C-NETLOGON-SECURITY //www.yyueer.com/indicators/ioe/C-NETLOGON-SECURITY s/www.yyueer.com/indexments/ioe/C-NETLOGON-security <!//www.yyueer.com/indicators/ioe/C-CREDENTIAL-ROAMING //www.yyueer.com/indicators/ioe/C-CREDENTIAL-ROAMING

LowSeverity

<!//www.yyueer.com/indicators/ioe/C-CLEARTEXT-PASSWORD //www.yyueer.com/indicators/ioe/C-CLEARTEXT-PASSWORD 高易读性

/p>

清除文本密码

> <!//www.yyueer.com/indicators/ioe/C-DANGEROUS-SENSITIVE-PRIVILEGES //www.yyueer.com/indicators/ioe/C-DANGEROUS-SENSITIVE-PRIVILEGES 高度敏感特权

/h3>

/h3> > >

Miscentimation敏感特权降低目录基础设施安全性 <!//www.yyueer.com/indicators/ioe/C-SENSITIVE-CERTIFICATES-ON-USER //www.yyueer.com/indicators/ioe/C-SENSITIVE-CERTIFICATES-ON-USER

CreticalSevenity

units

![CDATADA无计算机加固GPOs]//www.yyueer.com/indicators/ioe/C-GPO-HARDENING //www.yyueer.com/indicators/ioe/C-GPO-HARDENING iumSeverity

Name

>无计算机加固GPos Descript

检验加固GPos> <!//www.yyueer.com/indicators/ioe/C-PROTECTED-USERS-GROUP-UNUSED //www.yyueer.com/indicators/ioe/C-PROTECTED-USERS-GROUP-UNUSED 高维 < h3>

/h3>

保护用户群

某些特权用户不是受保护用户群成员。

/read更多网站> <!//www.yyueer.com/indicators/ioe/C-PASSWORD-NOT-REQUIRED //www.yyueer.com/indicators/ioe/C-PASSWORD-NOT-REQUIRED 高超权限

>

/p3>记号中可能有空密码

检查用户账户缺密码空号。

/read更多登录> <![CDATA用户允许加入计算机域//www.yyueer.com/indicators/ioe/C-USERS-CAN-JOIN-COMPUTERS //www.yyueer.com/indicators/ioe/C-USERS-CAN-JOIN-COMPUTERS iumSeverity

Name

允许用户加入计算机域

Dscript

<![CDATA]微软EntraSSO账号密码最后修改//www.yyueer.com/indicators/ioe/C-AAD-SSO-PASSWORD //www.yyueer.com/indicators/ioe/C-AAD-SSO-PASSWORD i>微软EntraSSO账号密码

Last Changes/www.enable.com/indicats/ioe/AAD-SSO-PASWORD> <!//www.yyueer.com/indicators/ioe/C-ABNORMAL-ENTRIES-IN-SCHEMA //www.yyueer.com/indicators/ioe/C-ABNORMAL-ENTRIES-IN-SCHEMA schemass/www.yyueer.com/indicators/ioe/C-ENTRIES-IN-SCHEMA <![CDATA用户账号使用老密码]>//www.yyueer.com/indicators/ioe/C-USER-PASSWORD //www.yyueer.com/indicators/ioe/C-USER-PASSWORD iumSeverity

Name

用户账号使用老密码 Descript

用户账号必须定期修改

<!//www.yyueer.com/indicators/ioe/C-AAD-CONNECT //www.yyueer.com/indicators/ioe/C-AAD-CONNECT s/www.yyueer.com/indicats/C-AAD-CONNECT <![CDATA>域控制器由私用机管//www.yyueer.com/indicators/ioe/C-DC-ACCESS-CONSISTENCY //www.yyueer.com/indicators/ioe/C-DC-ACCESS-CONSISTENCY

CreticalSevency

Name

Deptation

管理某些域控制器可因危险访问权由非行政用户管理。

Read更多网站https://www.enable.com/indicats/ioe/C-DC-ACCESS-CONSISTCY> <![CDATA][弱密码策略应用到用户]>//www.yyueer.com/indicators/ioe/C-PASSWORD-POLICY //www.yyueer.com/indicators/ioe/C-PASSWORD-POLICY s/www.yyueer.com/index/ioe/ioe/iosWORD-POLICY <![CDATA/验证敏感GPO对象和文件权限]>//www.yyueer.com/indicators/ioe/C-GPO-SD-CONSISTENCY //www.yyueer.com/indicators/ioe/C-GPO-SD-CONSISTENCY

CriticalSevency

Name

Dscription

确保GPO对象和文件的许可设置与敏感容器相关联(像DocelictorsOU)为sane

>https://www.tenables/ioe/C-GPO-SD-CONSSETENTERY <![CDATA][Demae使用危险的后向兼容配置//www.yyueer.com/indicators/ioe/C-DSHEURISTICS //www.yyueer.com/indicators/ioe/C-DSHEURISTICS sheuristics属性可修改AD行为并产生安全效果

![CDATA+D函数级//www.yyueer.com/indicators/ioe/C-DOMAIN-FUNCTIONAL-LEVEL //www.yyueer.com/indicators/ioe/C-DOMAIN-FUNCTIONAL-LEVEL iumSeverity

Name

过期功能级

a低功能级禁止使用高级功能或改进

https/www.yyueer.com/indicats/ioe/C-DOMAIN-Functi <![CDATA][局域行政账管//www.yyueer.com/indicators/ioe/C-LAPS-UNSECURE-CONFIG //www.yyueer.com/indicators/ioe/C-LAPS-UNSECURE-CONFIG iumSeverity

Name

局域行政账管理 Dscript

保证本地行政账号集中安全使用LAPS

Read <![CDATA[Kerberos用户帐户配置 ]>//www.yyueer.com/indicators/ioe/C-KERBEROS-CONFIG-ACCOUNT //www.yyueer.com/indicators/ioe/C-KERBEROS-CONFIG-ACCOUNT iumSeverity

Name

Kerberos配置

Descript

<![CDATA[Root对象权限允许DCSYC类攻击]>//www.yyueer.com/indicators/ioe/C-ROOTOBJECTS-SD-CONSISTENCY //www.yyueer.com/indicators/ioe/C-ROOTOBJECTS-SD-CONSISTENCY syc类攻击

允许dssss/senable.com/indicators/ioe/C-ROtoBECTS-SD-CONSSTERY <![CDATA][使用Windows2000兼容存取控//www.yyueer.com/indicators/ioe/C-PRE-WIN2000-ACCESS-MEMBERS //www.yyueer.com/indicators/ioe/C-PRE-WIN2000-ACCESS-MEMBERS 高超访问控制 < h3> < h3> < h3>

accounts/ioe/C-PREWIN2000-ACCESS-MEBERS> <!//www.yyueer.com/indicators/ioe/C-DISABLED-ACCOUNTS-PRIV-GROUPS //www.yyueer.com/indicators/ioe/C-DISABLED-ACCOUNTS-PRIV-GROUPS

LowSeverity

<!//www.yyueer.com/indicators/ioe/C-OBSOLETE-SYSTEMS //www.yyueer.com/indicators/ioe/C-OBSOLETE-SYSTEMS i>操作过期OS Dscript

系统不再得到销售商支持并大大增加基础设施脆弱性

refss/www.yyueer.com/indicators/ioe/C-OBSOLETE-SYSTEMS <!//www.yyueer.com/indicators/ioe/C-ACCOUNTS-DANG-SID-HISTORY //www.yyueer.com/indicators/ioe/C-ACCOUNTS-DANG-SID-HISTORY 高级SID属性 < p>H3>

accounts

<![CDATA使用活动目录PKI中弱密码算法]>//www.yyueer.com/indicators/ioe/C-PKI-WEAK-CRYPTO //www.yyueer.com/indicators/ioe/C-PKI-WEAK-CRYPTO s/h3> Descript

使用主动目录PKI

Deptation

Deptroduction

<![CDATA新使用默认管理员帐户]>//www.yyueer.com/indicators/ioe/C-ADM-ACC-USAGE //www.yyueer.com/indicators/ioe/C-ADM-ACC-USAGE iumSeverity

<![CDATA用户初级组//www.yyueer.com/indicators/ioe/C-DANG-PRIMGROUPID //www.yyueer.com/indicators/ioe/C-DANG-PRIMGROUPID s/www.yyueer.com/indicators/ioe/DANG-IMGROPID <!//www.yyueer.com/indicators/ioe/C-UNCONST-DELEG //www.yyueer.com/indicators/ioe/C-UNCONST-DELEG s/www.yyueer.com/indicators/ioe/C-UNCONST-DELEG <![CDATA[Reversible Passwords]]>//www.yyueer.com/indicators/ioe/C-USERS-REVER-PWDS //www.yyueer.com/indicators/ioe/C-USERS-REVER-PWDS iumSeverity

Name

可更新密码 Descript

> <!//www.yyueer.com/indicators/ioe/C-REVER-PWD-GPO //www.yyueer.com/indicators/ioe/C-REVER-PWD-GPO iumSeverity

Name

可更新密码

Dscript

sprop一致性//www.yyueer.com/indicators/ioe/C-SDPROP-CONSISTENCY //www.yyueer.com/indicators/ioe/C-SDPROP-CONSISTENCY

CriticalSdustrity

Name

SDProp一致性

Decripation

控制管理员dminSDHorder对象处于净状态

> <!//www.yyueer.com/indicators/ioe/C-KRBTGT-PASSWORD //www.yyueer.com/indicators/ioe/C-KRBTGT-PASSWORD 高级Severity

KDC密码最后修改 Descript

KDC账号密码必须定期修改

.https/www.yyueer.com/indicats/ioe/C-KRBTGT-PASWORD> <![CDATA+Native行政组成员]>//www.yyueer.com/indicators/ioe/C-NATIVE-ADM-GROUP-MEMBERS //www.yyueer.com/indicators/ioe/C-NATIVE-ADM-GROUP-MEMBERS s/www.yyueer.com/indicaps/ioe/ANDM-GROUP-MEBERS serveros服务专用账号//www.yyueer.com/indicators/ioe/C-PRIV-ACCOUNTS-SPN //www.yyueer.com/indicators/ioe/C-PRIV-ACCOUNTS-SPN s/www.yyueer.com/indicats/io/C-PRIV-ACCOTSS-SPN <![CDATA[AdminCount属性集//www.yyueer.com/indicators/ioe/C-ADMINCOUNT-ACCOUNT-PROPS //www.yyueer.com/indicators/ioe/C-ADMINCOUNT-ACCOUNT-PROPS iumSeverity

Name

AdminCount属性集 <!//www.yyueer.com/indicators/ioe/C-SLEEPING-ACCOUNTS //www.yyueer.com/indicators/ioe/C-SLEEPING-ACCOUNTS iumSeverity

Name

Sleeping账号 >

unedSleeping账号

仍然激活 <!//www.yyueer.com/indicators/ioe/C-DANGEROUS-TRUST-RELATIONSHIP //www.yyueer.com/indicators/ioe/C-DANGEROUS-TRUST-RELATIONSHIP 高度信任

/h3>

>

Miscortific <!//www.yyueer.com/indicators/ioe/C-PASSWORD-DONT-EXPIRE //www.yyueer.com/indicators/ioe/C-PASSWORD-DONT-EXPIRE iumSeverity

Name

accounts永不过期密码 Dontration

<![CDATA/无关联、残废或孤儿GPO]>//www.yyueer.com/indicators/ioe/C-GPOLICY-DISABLED-UNLINKED //www.yyueer.com/indicators/ioe/C-GPOLICY-DISABLED-UNLINKED

LowSeverity

Baidu
map