No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Command Reference

CloudEngine 8800, 7800, 6800, and 5800 V200R002C50

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Security Risk Commands

Security Risk Commands

display security risk

Function

The display security risk command displays security risks in the system and suggested solutions for the risks.

Format

display security risk [ feature feature-name ] [ level { high | medium | low } ]

Parameters

Parameter Description Value
feature feature-name Displays security risks of a specified feature. Enumerated type. The value depends on the registered module.
level high Displays security risks of High level. -
level medium Displays security risks of Medium level. -
level low Displays security risks of Low level. -

Views

All views

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

Protocols have different security performances, and some protocols may have security risks. Run the display security risk command to identify security risks in the system. Then clear the security risks according to the repair action in the command output. For example, if SNMPv1 is configured, the display security risk command output will prompt for the use of SNMPv3.

You can filter the security risks by specifying the security level, feature, or both.

Precautions

The security risks that are displayed vary with user levels. The system administrators can view all security risks in the system. Other users can only view the security risks matching their levels.

Example

# Display security risks in the system.

<HUAWEI> display security risk
Risk Level         : high
Feature Name       : FTPS
Risk Information   : FTP is not a secure protocol.
Repair Action      : It is recommended to use SFTP.

Risk Level         : medium
Feature Name       : ISIS
Risk Information   : None authentication configure is existing in isis 1 area
Repair Action      : Using "area-authentication-mode" to change the configuration.

Risk Level         : medium
Feature Name       : ISIS
Risk Information   : None authentication configure is existing in isis 1 domain
Repair Action      : Using "domain-authentication-mode" to change the configuration.

Risk Level         : medium
Feature Name       : LAM
Risk Information   : The system does not periodically prompt the user to change the password, which increases the possibility of cra
cking the password.
Repair Action      : Set the global aging period for user password.

Risk Level         : medium
Feature Name       : TRILL
Risk Information   : None authentication configure is existing in trill area
Repair Action      : Using "area-authentication-mode" to change the configuration.

Risk Level         : medium
Feature Name       : TRILL
Risk Information   : None authentication configure is existing in trill interface 10GE4/0/15
Repair Action      : Using "trill authentication-mode" to change the configuration.

Risk Level         : medium
Feature Name       : SSH
Risk Information   : SSHv1 is enabled.
Repair Action      : Close SSHv1.

Risk Level         : medium
Feature Name       : TELNETS
Risk Information   : The Telnet server function is used.
Repair Action      : Use Stelnet.                               

# Display security risks of the ISIS feature.

<HUAWEI> display security risk feature isis
Risk Level         : medium
Feature Name       : ISIS
Risk Information   : None authentication configure is existing in isis 1 area
Repair Action      : Using "area-authentication-mode" to change the configuration.

# Display security risks of Medium level.

<HUAWEI> display security risk level medium
Risk Level         : medium
Feature Name       : ISIS
Risk Information   : None authentication configure is existing in isis 1 area
Repair Action      : Using "area-authentication-mode" to change the configuration.

Risk Level         : medium
Feature Name       : ISIS
Risk Information   : None authentication configure is existing in isis 1 domain
Repair Action      : Using "domain-authentication-mode" to change the configuration.

Risk Level         : medium
Feature Name       : LAM
Risk Information   : The system does not periodically prompt the user to change the password, which increases the possibility of cra
cking the password.
Repair Action      : Set the global aging period for user password.

Risk Level         : medium
Feature Name       : TRILL
Risk Information   : None authentication configure is existing in trill area
Repair Action      : Using "area-authentication-mode" to change the configuration.

Risk Level         : medium
Feature Name       : TRILL
Risk Information   : None authentication configure is existing in trill interface 10GE4/0/15
Repair Action      : Using "trill authentication-mode" to change the configuration.

Risk Level         : medium
Feature Name       : SSH
Risk Information   : SSHv1 is enabled.
Repair Action      : Close SSHv1.

Risk Level         : medium
Feature Name       : TELNETS
Risk Information   : The Telnet server function is used.
Repair Action      : Use Stelnet.                           
NOTE:

The command output provided here is used for reference only. The actual output information depends on the situation.

Table 16-102  Description of the display security risk command output

Item

Description

Risk Level

Security risk level. It can be any value of the following:

  • high;
  • medium;
  • low.

Feature Name

Feature name.

Risk Information

Information about the security risks.

Repair Action

Suggested solutions for the security risks.

Translation
Download
Updated: 2019-03-21

Document ID: EDOC1000166501

Views: 42733

Downloads: 328

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next