Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-1135 | 3.027 | SV-32257r1_rule | ECCD-1 | Low |
Description |
---|
Improperly configured share permissions on printers can permit the addition of unauthorized print devices on the network. Windows shares are a means by which files, folders, printers, and other resources can be published for network users to remotely access. Regular users cannot create shares on their local machines; only Administrators and Power Users have that ability. |
STIG | Date |
---|---|
Windows Server 2008 R2 Member Server Security Technical Implementation Guide | 2015-03-09 |
Check Text ( C-32709r1_chk ) |
---|
Open “Devices and Printers” in Control Panel. If there are no locally-attached printers, then mark this as “Not Applicable.” Perform this check for each locally-attached printer: Right click on a locally-attached printer. Select “Printer Properties”. Select the “Sharing” tab. View whether “Share this printer” is checked. For any printers with “Share this printer” selected: Select the Security tab. If any non-administrative user accounts or groups have greater permissions than “Print”, then this is a finding. |
Fix Text (F-29047r1_fix) |
---|
Configure the permissions on locally-shared printers to meet the minimum requirements. |