Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-2249 | WG230 IIS7 | SV-32329r1_rule | EBRP-1 EBRU-1 | High |
Description |
---|
Logging into a web server via a telnet session or using HTTP or FTP to perform updates and maintenance carries risk because user IDs and passwords are passed in the plain text. A secure shell service or HTTPS should be used for these purposes. Another alternative is to administer the web server/site from the local console. |
STIG | Date |
---|---|
IIS 7.0 WEB SITE STIG | 2014-12-05 |
Check Text ( C-32735r1_chk ) |
---|
1. Right-click the Computer icon, select Properties. 2. Click Remote Settings. 3. If Allow connections only from computers running remote desktop with Network Level Authentication is not selected, this is a finding. |
Fix Text (F-29062r1_fix) |
---|
1. Develop documentation listing those individuals who are authorized to perform remote administration. 2. Right-click the Computer icon, select Properties 3. Click Remote Settings 4. Select Allow connections only from computers running remote desktop with Network Level Authentication. 5. Click Select Users and add the users to the list the SA has documented as authorized to access the system remotely. |