UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Unencrypted remote access is permitted to system services.


Overview

Finding ID Version Rule ID IA Controls Severity
V-2908 3.061 SV-29696r1_rule ECCT-1 ECCT-2 High
Description
This is a category 1 finding because when unencrypted access to system services is permitted, an intruder can intercept user identification and passwords that are being transmitted in clear text. This could give an intruder unlimited access to the network.
STIG Date
Windows 2008 Domain Controller Security Technical Implementation Guide 2013-07-03

Details

Check Text ( C-7892r1_chk )
Interview the IAO to ensure that encryption of userid and password information is required, and data is encrypted according to DoD policy.

If the user account used for unencrypted remote access within the enclave (premise router) has administrator privileges, then this is a finding.

If userid and password information used for remote access to system services from outside the enclave is not encrypted, then this is a finding.

Fix Text (F-120r1_fix)
Encryption of userid and password information is required.

Encryption of the user data inside the network firewall is also highly recommended.

Encryption of user data coming from or going outside the network firewall is required.

Encryption for administrator data is always required.

Refer to the Enclave Security STIG section on “FTP and Telnet,” for detailed information on its use.