Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The IIS Internet Printing Protocol must be disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-6754 | WA000-WI080 IIS6 | SV-38150r1_rule | ECSC-1 | Medium |
| Description |
|---|
| The use of Internet Printing Protocol (IPP) on an IIS web server allows client’s access to shared printers. This privileged access could allow remote code execution by increasing the web servers attack surface. Additionally, IPP does not support SSL adding to its risk posture. |
| STIG | Date |
|---|---|
| IIS6 Server | 2011-09-26 |
Details
| Check Text ( C-37520r1_chk ) |
|---|
| 1. Open IIS Manager > expand the applicable server > select "Web Service Extensions". 2. In the right pane, the Internet Printing extension should be displayed. 3. If the Internet Printing extension is set to "Allowed", this is a finding. |
| Fix Text (F-32768r1_fix) |
|---|
| Set the Internet Printing Extension to “Prohibited”. |