Viewing Server Fingerprints

Scenario

Check the server asset fingerprints collected by HSS and handle asset anomalies.

• For details about how to view the asset fingerprint summary information of all servers, see Viewing the Fingerprints of All Servers.
• For details about how to view the asset fingerprint information of a single server, see Viewing the Asset Information of a Single Server.

Viewing the Fingerprints of All Servers

1. Log in to the HSS console.
2. Click in the upper left corner and select a region or project.
3. Choose Asset Management > Server Fingerprints.
4. (Optional) If you have enabled the enterprise project function, select an enterprise project from the Enterprise Project drop-down list in the upper part of the page to view its data.
5. View the server fingerprint overview.
   Figure 1 Viewing server fingerprints
   

6. Click a fingerprint type in the fingerprint list, for example, Installed Software, to view its details.

   The meanings of the numbers in Figure 2 are as follows:

   • 1: the fingerprint list and the number of associated servers
   • 2: The fingerprint details list. You can click a fingerprint in the fingerprint list on the left to view its details.
   Figure 2 Viewing server fingerprint details
   

7. (Optional) Remove risky assets.

   If you find unsafe assets after counting, remove them in a timely manner.

   If you receive port alarms, you can set Dangerous Port to Yes in the search box of the Open Ports area to filter dangerous ports. You are advised to handle unsafe ports as follows:

   • If HSS detects open high-risk ports or unused ports, check whether they are really used by your services. If they are not, disable them. For dangerous ports, you are advised to further check their program files, and delete or isolate their source files if necessary.
   • If a detected high-risk port is actually a normal port used for services, you can ignore it. The port will no longer be regarded risky or generate alarms.

   For more information, see High-risk port list.

Viewing the Asset Information of a Single Server

1. Log in to the HSS console.
2. Click in the upper left corner and select a region or project.
3. In the navigation pane, choose Asset Management > Servers & Quota. Click the Servers tab.
4. (Optional) If you have enabled the enterprise project function, select an enterprise project from the Enterprise Project drop-down list in the upper part of the page to view its data.
5. Click the name of the target server. On the server details page that is displayed, choose Asset Fingerprints > Servers.
   Figure 3 Viewing asset fingerprints of a single server
   

6. In the Fingerprints list, click a fingerprint type to view details.
   Figure 4 Viewing server fingerprint details
   

7. (Optional) Remove risky assets.

   If you find unsafe assets after counting, remove them in a timely manner.

   If you receive port alarms, you can set Dangerous Port to Yes in the search box of the Open Ports area to filter dangerous ports. You are advised to handle unsafe ports as follows:

   • If HSS detects open high-risk ports or unused ports, check whether they are really used by your services. If they are not, disable them. For dangerous ports, you are advised to further check their program files, and delete or isolate their source files if necessary.
   • If a detected high-risk port is actually a normal port used for services, you can ignore it. Ignored alarms will neither be recorded as unsafe items and nor trigger alarms.

   For more information, see High-risk port list.

High-risk port list

Table 1 lists the high-risk ports identified by the asset fingerprint function of HSS. If a high-risk port is enabled in your asset, check whether they are really used by your services.