Jie Ji

Apache Spark Shell Command Injection Vulnerability (CVE-2022-33891) Alerts

julho 21, 2022

Overview Recently, NSFOCUS CERT detected that Apache officially released a security bulletin and fixed a command injection vulnerability (CVE-2022-33891) in Apache Spark. Since the Apache Spark UI enables acl through the configuration option Spark.acl.enable, by using an authentication filter, it is possible to check if a user has access to view or modify the application. […]

Configuring SSL Offload on NSFOCUS WAF

julho 18, 2022

With the increasing scale of SSL traffic, its disadvantages are becoming more and more obvious. In HTTPS communication, the client needs to start an SSL handshake with the server after the TCP handshake, which may cause SSL delay. In addition, the web server needs to encrypt and decrypt the data in transit, so the SSL […]

Microsoft’s July security update for multiple high-risk product vulnerabilities

julho 18, 2022

Overview On July 13, NSFOCUS CERT detected that Microsoft released the July security update patch, which fixed 84 security issues, involving widely used products such as Windows, Microsoft Office, Windows Print Spooler Components, Windows Hyper-V, and Azure Site Recovery, and included high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities […]

Security Knowledge Graph | Build an APT Group Graph to Avoid the Information Island Effect

julho 13, 2022

The security knowledge graph, a knowledge graph specific to the security domain, is the key to realizing cognitive intelligence in cyber security, and it also lays an indispensable technological foundation for dealing with advanced, continuous and complex threats and risks in cyberspace. NSFOCUS will publish a series of articles about the application of the security […]

NSFOCUS WAF Protection Actions

julho 6, 2022

NSFOCUS WAF supports five actions for a specific protection policy. Take HTTP access control as an example. You can specify one of the following actions as required: Pass: Indicates that if an access request matches corresponding parameter settings, NSFOCUS WAF directly forwards it to the destination server without any more security inspections. Accept: Indicates that […]

Tips on X-FORWARDED-FOR

julho 6, 2022

In the reverse proxy mode, NSFOCUS WAF preserves the real source IP address in the X-forwarded-for header. In this mode, since the destination for clients is the WAF, the WAF will record the real client IP address in this request header and forward the header to the server, which helps keep the entire session. Test […]

Is NIPS Capable of Blocking SSH Connections?

julho 6, 2022

The answer is YES! NSFOCUS NIPS can block SSH connections. You may have similar questions, for example, whether Nmap or sqlmap can be blocked by NIPS. The answer is YES, too! These questions can often be resolved by configuring application control profile. Follow these steps to enable SSH connection blocking: Step 1: Click Objects on […]

Enabling Detection to Traffic Listened on Non-Standard Ports

julho 6, 2022

By default, NSFOCUS NIPS identifies the protocols and detects attacks on standard ports only. For example, File Transfer Protocol (FTP) operates on ports 20 and 21, Telnet protocol operates on port 23, and HTTP protocol uses port 80. However, the traffic using preceding protocols on non-standard ports will not be identified by NIPS by default, […]

Description of ADS Hardware Status Alerts

julho 6, 2022

1.CPU threshold The default threshold value is 80%. The system CPU usage is updated every 10 seconds. 2.Memory threshold: The default threshold value is 90%. The system memory usage is updated every 10 seconds. 3.CPU temperature threshold: The default threshold value is 90 °C. The equipment CPU temperature is updated every 10 seconds. 4.Motherboard temperature […]

What Information will Master/Backup NTAs Share

julho 6, 2022

After two NTAs are configured to operate as the master and backup NTAs for hot standby, the master NTA will synchronize the configuration to the backup one in real time. This will guarantee that the configuration of the backup NTA is consistent with that of the master NTA. The synchronized configuration information includes the following: […]

Search

Inscreva-se no Blog da NSFOCUS