Security advisor limitations
Posted: 01 Apr 2023, 21:42
Is there a way to turn off the red "in risk" flags or add some additional logic when they are triggered?
Examples:
1. I use an external firewall and the TOS status page knows that the WAN is disconnected but the security advisor flags red for firewall. I know that I don't have the TOS firewall enabled and don't need it.
2. I use ext4 so don't have snapshot capability but it gets flagged. How about not checking for snapshot when it isn't a valid capability?
3. Security isolation mode gets flagged. I won't use the mode because it turns off ssh . I won't use isolation mode because it turns off ssh. I have ssh enabled for local traffic because I want the backdoor if needed. How about stopping the isolation mode flag or changing isolation mode to allow local ssh?
4. What is the advisor looking for in the user password strength.? Mine gets flagged even though it is a very long random sequence.
Examples:
1. I use an external firewall and the TOS status page knows that the WAN is disconnected but the security advisor flags red for firewall. I know that I don't have the TOS firewall enabled and don't need it.
2. I use ext4 so don't have snapshot capability but it gets flagged. How about not checking for snapshot when it isn't a valid capability?
3. Security isolation mode gets flagged. I won't use the mode because it turns off ssh . I won't use isolation mode because it turns off ssh. I have ssh enabled for local traffic because I want the backdoor if needed. How about stopping the isolation mode flag or changing isolation mode to allow local ssh?
4. What is the advisor looking for in the user password strength.? Mine gets flagged even though it is a very long random sequence.