ISO 27001:2022 A.8.22

Segregation of networks

UnveilScan findings mapped to this control

The scanner emits 3 distinct findings on this control. Click "Scan a domain" below to see which of them currently apply to your site, with copy-paste remediation snippets (nginx, Apache, DNS BIND, web-server config).

dns.open_resolver ⏱ 1h

DNS — Open resolver

Risk if ignored: Your server gets weaponised for DNS-amplification DDoS attacks against third parties, leading to hosting-provider sanctions and IP reputation damage.

security operational reputational

Also maps to 2 other controls

dns.public_points_to_private ⏱ 15 min

DNS — Public points to private

Risk if ignored: Low impact, mostly a maturity signal. Fix when you next touch this area.

operational

Also maps to 1 other control

ANSSI Reco-DNS §3.3 — Pas d'adresse privée dans zone publique

web.http_method_connect ⏱ 15 min

WEB — Http method connect

Risk if ignored: Low impact, mostly a maturity signal. Fix when you next touch this area.

operational

Also maps to 1 other control

ANSSI Reco-WebSec §4.2 — Pas de CONNECT sur un origin public