Details

It is important to segregate public web server resources from private resources located behind the DoD DMZ in order to protect private assets. When folders, drives or other resources are directly shared between the public web server and private servers the intent of data and resource segregation can be compromised. Resources such as printers, files, and folders/directories must not be shared between public web servers and assets located within the internal network.

Solution

Configure the public web server to not have a trusted relationship with any system resource that is not accessible to the public.

Supportive Information

The following resource is also helpful.

• http://iasecontent.disa.mil/stigs/zip/July2015/U_IIS_6-0_V6R16_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.

References

• 800-53|CM-6b.
• CAT|II
• CSCv6|3.1
• Rule-ID|SV-38175r1_rule
• STIG-ID|WG040_IIS6
• Vuln-ID|V-2234

Source

• Tenable.com/audits