WN16-00-000360 – The Microsoft FTP service must not be installed unless required.

Details

Unnecessary services increase the attack surface of a system. Some of these services may not support required levels of authentication or encryption.

Solution

Uninstall the ‘FTP Server’ role.

Start ‘Server Manager’.

Select the server with the role.

Scroll down to ‘ROLES AND FEATURES’ in the right pane.

Select ‘Remove Roles and Features’ from the drop-down ‘TASKS’ list.

Select the appropriate server on the ‘Server Selection’ page and click ‘Next’.

Deselect ‘FTP Server’ under ‘Web Server (IIS)’ on the ‘Roles’ page.

Click ‘Next’ and ‘Remove’ as prompted.

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_Server_2016_V2R3_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.

References

800-53|CM-7b.
CAT|II
CCI|CCI-000382
Rule-ID|SV-224851r569186_rule
STIG-ID|WN16-00-000360
STIG-Legacy|SV-87941
STIG-Legacy|V-73289
Vuln-ID|V-224851

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles