Domain name for API request: cwp.tencentcloudapi.com.
This API is used to obtain the list of baseline detection items.
A maximum of 20 requests can be initiated per second for this API.
The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.
Parameter Name | Required | Type | Description |
---|---|---|---|
Action | Yes | String | Common Params. The value used for this API: DescribeBaselineItemDetectList. |
Version | Yes | String | Common Params. The value used for this API: 2018-02-28. |
Region | No | String | Common Params. This parameter is not required. |
Filters.N | No | Array of Filter | |
Limit | No | Integer | Limit Entries, 10 by default, up to 100 |
Offset | No | Integer | Offset, which is 0 by default. |
Order | No | String | Sorting Method: [ASC: Ascending Order, DESC: Descending Order] |
By | No | String | Sorting column: [HostCount|FirstTime|LastTime] |
Parameter Name | Type | Description |
---|---|---|
Total | Integer | Total number |
List | Array of BaselineItemDetect | None |
RequestId | String | The unique request ID, generated by the server, will be returned for every request (if the request fails to reach the server for other reasons, the request will not obtain a RequestId). RequestId is required for locating a problem. |
POST / HTTP/1.1
Host: cwp.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: DescribeBaselineItemDetectList
<Common request parameters>
{}
{
"Response": {
"List": [
{
"ItemId": 2162,
"ItemName": "Ensure that permissions on /etc/shadow are set",
"ItemDesc": "The /etc/shadow file is used to store information about user accounts, which is crucial for the security of these accounts, such as hashed passwords and other security information.",
"FixMethod": "Run the following command to set permissions on /etc/shadow:\n# chown root:root /etc/shadow# chmod 000 /etc/shadow\n",
"RuleId": 13,
"RuleName": "International standard - CentOS 7 security baseline check level 1",
"HostCount": 1,
"FirstTime": "2022-07-18 13:33:12",
"LastTime": "2022-07-21 21:25:01",
"DetectStatus": 3,
"Level": 2,
"DetectResult": "",
"PassedHostCount": 1,
"NotPassedHostCount": 0
},
{
"ItemId": 2163,
"ItemName": "Ensure that the rsync service is not enabled",
"ItemDesc": "The rsyncd service can be used to synchronize files between systems over network links.",
"FixMethod": "Run the following command to disable rsync:\n #systemctl disable rsyncd \n",
"RuleId": 13,
"RuleName": "International standard - CentOS 7 security baseline check level 1",
"HostCount": 1,
"FirstTime": "2022-07-18 13:33:12",
"LastTime": "2022-07-21 21:25:01",
"DetectStatus": 3,
"Level": 2,
"DetectResult": "",
"PassedHostCount": 1,
"NotPassedHostCount": 0
},
{
"ItemId": 2164,
"ItemName": "Ensure that the noexec option is set on the /var/tmp partition",
"ItemDesc": "The noexec mounting option specifies that the file system cannot contain executable binary files.",
"FixMethod": "Edit the /etc/fstab file and add noexec to the fourth field of the /var/tmp partition.\nRun the following command to remount /var/tmp:\n# mount -o remount,noexec /var/tmp\n",
"RuleId": 13,
"RuleName": "International standard - CentOS 7 security baseline check level 1",
"HostCount": 1,
"FirstTime": "2022-07-18 13:33:12",
"LastTime": "2022-07-21 21:25:01",
"DetectStatus": 3,
"Level": 2,
"DetectResult": "",
"PassedHostCount": 1,
"NotPassedHostCount": 0
},
{
"ItemId": 2166,
"ItemName": "Ensure that the HTTP proxy service is not enabled",
"ItemDesc": "Squid is the standard proxy server used in many distributions and environments.",
"FixMethod": "Run the following command to disable Squid:\n #systemctl disable squid \n",
"RuleId": 13,
"RuleName": "International standard - CentOS 7 security baseline check level 1",
"HostCount": 1,
"FirstTime": "2022-07-18 13:33:12",
"LastTime": "2022-07-21 21:25:01",
"DetectStatus": 3,
"Level": 2,
"DetectResult": "",
"PassedHostCount": 1,
"NotPassedHostCount": 0
},
{
"ItemId": 2169,
"ItemName": "Ensure that the noexec option is set on the /tmp partition",
"ItemDesc": "File systems with the noexec mounting option cannot contain executable binary files.",
"FixMethod": "Edit /etc/systemd/system/local-fs.target.wants/tmp.mount and add noexec to /tmp:\n[Mount]Options=mode=1777,strictatime,noexec,nodev,nosuid\nRun the following command to remount /tmp:\n# mount -o remount,noexec /tmp\n",
"RuleId": 13,
"RuleName": "International standard - CentOS 7 security baseline check level 1",
"HostCount": 1,
"FirstTime": "2022-07-18 13:33:12",
"LastTime": "2022-07-21 21:25:01",
"DetectStatus": 3,
"Level": 2,
"DetectResult": "",
"PassedHostCount": 1,
"NotPassedHostCount": 0
},
{
"ItemId": 2172,
"ItemName": "Ensure that the TFTP service is disabled",
"ItemDesc": "Trivial File Transfer Protocol (TFTP) is a simple file transfer protocol typically used for automatic transfer of configuration from a boot server or computer. The tftp-server package is used for defining and supporting the TFTP server.",
"FixMethod": "Run the following command to disable TFTP:\n# systemctl disable tftp.socket",
"RuleId": 13,
"RuleName": "International standard - CentOS 7 security baseline check level 1",
"HostCount": 1,
"FirstTime": "2022-07-18 13:33:12",
"LastTime": "2022-07-21 21:25:01",
"DetectStatus": 3,
"Level": 2,
"DetectResult": "",
"PassedHostCount": 1,
"NotPassedHostCount": 0
},
{
"ItemId": 2179,
"ItemName": "Ensure that no residual entry with the character + exists in /etc/shadow",
"ItemDesc": "The character + in various files once served as a mark for the system to insert data from NIS maps at a certain point in system configuration files. Entries with this character are no longer needed on most systems but may exist in files imported from other platforms.\n",
"FixMethod": "Remove entries with the character + from /etc/shadow",
"RuleId": 13,
"RuleName": "International standard - CentOS 7 security baseline check level 1",
"HostCount": 1,
"FirstTime": "2022-07-18 13:33:12",
"LastTime": "2022-07-21 21:25:01",
"DetectStatus": 3,
"Level": 2,
"DetectResult": "",
"PassedHostCount": 1,
"NotPassedHostCount": 0
},
{
"ItemId": 2181,
"ItemName": "Ensure that Avahi Server is disabled",
"ItemDesc": "Avahi allows programs to publish and discover services and hosts running on a local network without specific configuration.",
"FixMethod": "Run the following command to disable avahi-daemon:\n #systemctl disable avahi-daemon \n",
"RuleId": 13,
"RuleName": "International standard - CentOS 7 security baseline check level 1",
"HostCount": 1,
"FirstTime": "2022-07-18 13:33:12",
"LastTime": "2022-07-21 21:25:01",
"DetectStatus": 3,
"Level": 2,
"DetectResult": "",
"PassedHostCount": 1,
"NotPassedHostCount": 0
},
{
"ItemId": 2185,
"ItemName": "Ensure that the nodev option is set on the /var/tmp partition",
"ItemDesc": "The nodev mounting option specifies that the file system cannot contain special devices.",
"FixMethod": "Edit the /etc/fstab file and add nodev to the fourth field of the /var/tmp partition (mounting option).\nRun the following command to remount /var/tmp:\n# mount -o remount,nodev /var/tmpq\n",
"RuleId": 13,
"RuleName": "International standard - CentOS 7 security baseline check level 1",
"HostCount": 1,
"FirstTime": "2022-07-18 13:33:12",
"LastTime": "2022-07-21 21:25:01",
"DetectStatus": 3,
"Level": 2,
"DetectResult": "",
"PassedHostCount": 1,
"NotPassedHostCount": 0
},
{
"ItemId": 2189,
"ItemName": "Ensure that the HTTP service is disabled",
"ItemDesc": "The HTTP or Web server provides the feature of managing website content.",
"FixMethod": "Run the following command to disable HTTPd:\n #systemctl disable httpd \n",
"RuleId": 13,
"RuleName": "International standard - CentOS 7 security baseline check level 1",
"HostCount": 1,
"FirstTime": "2022-07-18 13:33:12",
"LastTime": "2022-07-21 21:25:01",
"DetectStatus": 3,
"Level": 2,
"DetectResult": "",
"PassedHostCount": 1,
"NotPassedHostCount": 0
}
],
"RequestId": "d93119fb-5ea9-4dc4-8e1a-b878dc62c67c",
"Total": 169
}
}
TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.
The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.
Error Code | Description |
---|---|
FailedOperation | Operation failed. |
InternalError | Internal error |
InvalidParameter | Incorrect parameter. |
Was this page helpful?