WG210 IIS6 – Web content directories must not be anonymously shared.

Details

Anonymously shared directories are exposed to unnecessary risk. Any unnecessary exposure increases the risk that an intruder could exploit the access and compromise the web content or cause web server performance problems.

NOTE: Review the found shares and ensure the web content directories are not being shared.

Solution

Remove the shares from the applicable directories.

Supportive Information

The following resource is also helpful.

http://iasecontent.disa.mil/stigs/zip/July2015/U_IIS_6-0_V6R16_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.

References

800-53|CM-6b.
CAT|II
CSCv6|3.1
Rule-ID|SV-38048r2_rule
STIG-ID|WG210_IIS6
Vuln-ID|V-2226

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles