
Cloud Firewall: Disable leaks of critical system information

Last Updated: Dec 22, 2023

Critical user information is stored in system files such as /etc/passwd and /etc/shadow. This information can be read by running system commands such as cat, head, and tail.

Impacts

  • Attacks

    Attackers can obtain critical system information from a server that is under a web attack such as remote command execution. With this information, they can launch further attacks such as remote logons and remote control.

  • Spreading of worms and trojans

    Worms and trojans can obtain critical system information and use it to spread laterally in internal networks.

Operations in the Cloud Firewall console

The rules that you can use to disable leaks of critical system information are in Monitor mode. To prevent leaks of critical system information such as /etc/passwd in the cloud, log on to the Cloud Firewall console, choose Intrusion Prevention > Prevention Configuration, and click Customize in the Basic Protection section. In the Customize Basic Protection Policies dialog box, change the mode of some or all related rules to Block. This prevents or minimizes the preceding impacts.
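
While the rules are still in Monitor mode, the same pattern can also be checked for on the host. The following is an added example, not Cloud Firewall's rule logic or code from this documentation: it scans web server access logs for requests that name /etc/passwd or /etc/shadow, optionally together with cat, head, or tail, after undoing nested URL encoding. The combined log format, the function names, and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Files and reader commands named on this page; lookarounds skip look-alike paths.
SENSITIVE = re.compile(r"(?<![\w-])/etc/(passwd|shadow)(?![\w.-])")
READERS = re.compile(r"\b(cat|head|tail)\b")
# Request part of a combined-format access log entry (assumed log format).
REQUEST = re.compile(r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3})')

def decode(target, rounds=3):
    """Undo up to `rounds` layers of URL encoding (%252F -> %2F -> /)."""
    for _ in range(rounds):
        decoded = unquote_plus(target)
        if decoded == target:
            break
        target = decoded
    return target

def classify(line):
    """Return a finding dict if the request names a sensitive file, else None."""
    m = REQUEST.match(line)
    if not m:
        return None
    target = decode(m["target"])
    hit = SENSITIVE.search(target)
    if not hit:
        return None
    reader = READERS.search(target)
    return {
        "ip": m["ip"],
        "file": hit.group(0),
        "command": reader.group(1) if reader else None,
        # Status 200 means the request was answered, so review these first.
        "served": m["status"] == "200",
    }

def scan(lines):
    return [f for f in map(classify, lines) if f]

# Constructed sample log lines (documentation address ranges), not real traffic.
SAMPLE = [
    '203.0.113.7 - - [22/Dec/2023:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 512',
    '203.0.113.7 - - [22/Dec/2023:10:00:02 +0000] "GET /run?cmd=cat%20/etc/passwd HTTP/1.1" 200 1843',
    '198.51.100.9 - - [22/Dec/2023:10:00:03 +0000] "GET /run?cmd=head+%252Fetc%252Fshadow HTTP/1.1" 403 0',
    '198.51.100.9 - - [22/Dec/2023:10:00:04 +0000] "GET /docs/etc/passwd-format.html HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    print(*scan(SAMPLE), sep="\n")
```

Findings with "served" set to True are the ones to review before and after you switch the related rules to Block.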