No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Command Reference

S1720, S2700, S5700, and S6720 V200R011C10

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Security Risk Commands

Security Risk Commands

Command Support

Commands provided in this section and all the parameters in the commands are supported by all switch models by default, unless otherwise specified. For details, see specific commands.

display security risk

Function

The display security risk command displays security risks in the system and suggested solutions for the risks.

Format

display security risk [ feature feature-name ] [ level { high | medium | low } ]

Parameters

Parameter Description Value
feature feature-name Displays security risks of a specified feature. Enumerated type. The value depends on the registered module.
level high Displays security risks of High level. -
level medium Displays security risks of Medium level. -
level low Displays security risks of Low level. -

Views

All views

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

Protocols have different security performances, and some protocols may have security risks. Run the display security risk command to identify security risks in the system. Then clear the security risks according to the repair action in the command output. For example, if SNMPv1 is configured, the display security risk command output will prompt for the use of SNMPv3.

You can filter the security risks by specifying the security level, feature, or both.

Precautions

The security risks that are displayed vary with user levels. The system administrators can view all security risks in the system. Other users can only view the security risks matching their levels.

Example

# Display security risks in the system.

<HUAWEI> display security risk
Risk level       : high                                                                                                             
Feature name     : SNMP                                                                                                             
Risk information : SNMPv1/SNMPv2c is enabled.                                                                                       
Repair action    : Use SNMPv3.                                                                                                      
                                                                                                                                    
Risk level       : high                                                                                                             
Feature name     : TELNET                                                                                                           
Risk information : None authentication is configured for Telnet users.                                                              
Repair action    : Use AAA authentication.                                                                                          
                                                                                                                                    
Risk level       : medium                                                                                                           
Feature name     : CONSOLE                                                                                                          
Risk information : No authentication is configured, password authentication is configured but no password is specified, or none auth
entication is configured on the console interface.                                                                                  
Repair action    : Use AAA authentication.                                                                                          
                                                                                                                                    
Risk level       : medium                                                                                                           
Feature name     : SSH                                                                                                              
Risk information : SSHv1 is supported.                                                                                              
Repair action    : Close SSHv1.                                                                                                     
                                                                                                                                    
Risk level       : medium                                                                                                           
Feature name     : TELNET                                                                                                           
Risk information : The Telnet server function is used.                                                                              
Repair action    : Use Stelnet.    

# Display security risks of the TELNET feature.

<HUAWEI> display security risk feature telnet
Risk level       : high                                                                                                             
Feature name     : TELNET                                                                                                           
Risk information : None authentication is configured for Telnet users.                                                              
Repair action    : Use AAA authentication.                                                                                          
                                                                                                                                    
Risk level       : medium                                                                                                           
Feature name     : TELNET                                                                                                           
Risk information : The Telnet server function is used.                                                                              
Repair action    : Use Stelnet.   

# Display security risks of Medium level.

<HUAWEI> display security risk level medium
Risk level       : medium                                                                                                           
Feature name     : CONSOLE                                                                                                          
Risk information : No authentication is configured, password authentication is configured but no password is specified, or none auth
entication is configured on the console interface.                                                                                  
Repair action    : Use AAA authentication.                                                                                          
                                                                                                                                    
Risk level       : medium                                                                                                           
Feature name     : SSH                                                                                                              
Risk information : SSHv1 is supported.                                                                                              
Repair action    : Close SSHv1.                                                                                                     
                                                                                                                                    
Risk level       : medium                                                                                                           
Feature name     : TELNET                                                                                                           
Risk information : The Telnet server function is used.                                                                              
Repair action    : Use Stelnet.  
NOTE:

The command output provided here is used for reference only. The actual output information depends on the situation.

Table 14-78  Description of the display security risk command output

Item

Description

Risk level

Security risk level. It can be any value of the following:

  • high;
  • medium;
  • low.

Feature name

Feature name.

Risk information

Information about the security risks.

Repair action

Suggested solutions for the security risks.

Translation
Download
Updated: 2019-04-18

Document ID: EDOC1000178165

Views: 42153

Downloads: 1103

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next