UCF STIG Viewer Logo

Users must be prevented from connecting using Terminal Services.


Overview

Finding ID Version Rule ID IA Controls Severity
V-14248 5.117 SV-14859r2_rule Medium
Description
Allowing a Terminal Services session to a workstation enables another avenue of access that could be exploited. The system must be configured to prevent users from connecting to a computer using Terminal Services.
STIG Date
Windows Vista Security Technical Implementation Guide 2017-01-30

Details

Check Text ( C-51785r1_chk )
If the following registry value does not exist or is not configured as specified, this is a finding:

Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: \Software\Policies\Microsoft\Windows NT\Terminal Services\

Value Name: fDenyTSConnections

Type: REG_DWORD
Value: 1
Fix Text (F-53567r1_fix)
Configure the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Terminal Services -> Terminal Server -> Connections "Allow users to connect remotely using Terminal Services" to "Disabled.