Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Restricted accounts are not disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-3369 | 4.048 | SV-29604r1_rule | IAAC-1 | Medium |
| Description |
|---|
| Several new accounts are created as part of the default installation. As these accounts are well known they may represent prime attack targets. To help prevent attacks using the well-known accounts the following accounts should be disabled: HelpAssistant and Support_388945a0. |
| STIG | Date |
|---|---|
| Windows 2003 Domain Controller Security Technical Implementation Guide | 2014-01-07 |
Details
| Check Text ( C-504r1_chk ) |
|---|
| Using the DUMPSEC utility: Select “Dump Users as Table” from the “Report” menu. Select the available fields in the following sequence, and click on the “Add” button for each entry: UserName SID PswdRequired PswdExpires LastLogonTime AcctDisabled Groups If the HelpAssistant or Support_388945a0 accounts have not been disabled, then this is a finding. |
| Fix Text (F-5804r1_fix) |
|---|
| Configure the system to disable restricted accounts such as HelpAssistant or Support_388945a0. |