Concepts
Account Cracking
Account cracking refers to the intruder behavior of guessing or cracking the password of an account.
HSS can detect brute-force attacks on SSH, RDP, FTP, SQL Server, and MySQL accounts.
Viewing Information About Weak Passwords
A weak password can be easily cracked.
Viewing Information About Malicious Programs
A malicious program, such as a backdoor, Trojan horse, worm, or virus, is developed with attack or illegal remote control intents.
Malware covertly inlays code into another program to run intrusive or disruptive programs and damage the security and integrity of the data on an infected server. Malware includes viruses, Trojan horses, and worms, classified by their ways of transmission.
HSS reports both identified and suspicious malware.
Ransomware (Cloud Scan)
Ransomware emerged with the Bitcoin economy. It is a Trojan that is disguised as a legitimate email attachment or bundled software and tricks you into opening or installing it. It can also arrive on your servers through website or server intrusion.
Ransomware often uses a range of algorithms to encrypt the victim's files and demand a ransom payment to get the decryption key. Digital currencies such as Bitcoin are typically used for the ransoms, making tracing and prosecuting the attackers difficult.
Ransomware interrupts businesses and can cause serious economic losses. We need to know how it works and how we can prevent it.
Two-Factor Authentication
Two-factor authentication (2FA) refers to the authentication of user login by the combination of the user password and a verification code.
Web Tamper Protection
Web Tamper Protection (WTP) is an HSS edition that protects your files, such as web pages, documents, and images, in specific directories against tampering and sabotage from hackers and viruses.
Project
Projects are used to group and isolate OpenStack resources, including computing, storage, and network resources. A project can be a department or a project team.
Multiple projects can be created for one account.
Software Vulnerabilities
Vulnerabilities in Linux and Windows are included.
Web-CMS Vulnerabilities
Vulnerabilities found in web directory and file scans are included.
Configuration Check
HSS can check for unsafe Tomcat, Nginx, and SSH login configurations.
Web Shell
HSS can check whether the files (often PHP and JSP files) in your web directories are web shells.
Reverse Shells
HSS can monitor user process behaviors to detect reverse shells caused by invalid connections. TCP, UDP, and ICMP protocols are checked.
Abnormal Shells
HSS can detect actions on abnormal shells, including moving, copying, and deleting shell files, and modifying the access permissions and hard links of the files.
Privilege Escalation
HSS can detect privilege escalation for processes and files in the current system.
Abnormal privilege escalation operations include:
- Root privilege escalation by exploiting SUID program vulnerabilities
- Root privilege escalation by exploiting kernel vulnerabilities
- File privilege escalation
Rootkit Programs
HSS can detect suspicious rootkit installation in a timely manner, including file signatures, hidden files, ports, and processes.
Protection Quotas
To protect a server, bind it to an HSS quota.
The quotas of different HSS editions you purchased are displayed on the console.
Example:
- If you have purchased an HSS enterprise edition quota, you can bind it to a server.
- If you have purchased 10 HSS enterprise edition quotas, you can bind them to 10 servers.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot