Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The Named Pipes network protocol should be documented and approved if enabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-15124 | DM6015-SQLServer9 | SV-25457r1_rule | DCFA-1 | Medium |
| Description |
|---|
| The named pipes network protocol requires more ports to be opened on firewalls than TCP/IP. Managing and administering multiple network protocols may unnecessarily complicate network controls. |
| STIG | Date |
|---|---|
| Microsoft SQL Server 2005 Instance Security Technical Implementation Guide | 2015-04-03 |
Details
| Check Text ( C-23566r1_chk ) |
|---|
| From the SQL Server Configuration Manager GUI: 1. Expand SQL Server 2005 Network Configuration 2. Repeat for each instance: a. Select Protocols for [instance name]. b. View in the right pane, the status for Named Pipes If Named Pipes is enabled, this is a Finding. |
| Fix Text (F-18455r1_fix) |
|---|
| If Named Pipes is required, document its use in the System Security Plan. Disable Named Pipes if not required and documented in the System Security Plan. From the SQL Server Configuration Manager GUI: 1. Expand SQL Server 2005 Network Configuration 2. Repeat for each instance: a. Select Protocols for [instance name] b. Double-click Named Pipes. c. Select No as the value for Enabled. d. Click OK 3. Click OK (acknowledge change won't take place until next restart) 4. Exit the SQL Server Configuration Manager GUI |