Home
Security Hardening
DISA STIG IIS 6.0 Server V6R16

DISA STIG IIS 6.0 Server V6R16

WG050 IIS6 – The web server service password(s) must be entrusted to the SA or Web Manager.
Details Normally, a service account is established for the web server. This is because a privileged account is not desirable...
WG060 IIS6 – The service account ID used to run the web service must have its password changed at least annually.
Details Normally, a service account is established for the web service to run under rather than permitting it to run...
WG080 IIS6 – A compiler must not be installed on a production web server. – ‘javac.exe search’
Details The presence of a compiler on a production server facilitates the malicious user’s task of creating custom versions of...
WG080 IIS6 – A compiler must not be installed on a production web server. – ‘Lcc-win32.exe search’
Details The presence of a compiler on a production server facilitates the malicious user’s task of creating custom versions of...
WG080 IIS6 – A compiler must not be installed on a production web server. – ‘msc.exe search’
Details The presence of a compiler on a production server facilitates the malicious user’s task of creating custom versions of...
WG080 IIS6 – A compiler must not be installed on a production web server. – ‘msvc.exe search’
Details The presence of a compiler on a production server facilitates the malicious user’s task of creating custom versions of...
WG080 IIS6 – A compiler must not be installed on a production web server. – ‘Python.exe search’
Details The presence of a compiler on a production server facilitates the malicious user’s task of creating custom versions of...
WG130 IIS6 – Programs and features not necessary for operations must be removed.
Details Just as running unneeded services and protocols increase the attack surface of the web server, running unneeded utilities and...
WG200 IIS6 – Non-administrators must not be allowed access to the directory tree, the shell, or other utilities. – ‘command.com’
Details As a rule, accounts on a web server are to be kept to a minimum. Only administrators, web managers,...
WG190 IIS6 – The web server must use a vendor-supported version of the web server software.
Details The web server Software, IIS 6, is no longer supported by Microsoft for security updates and is not evaluated...

Prev Next

DISA STIG IIS 6.0 Server V6R16

WG050 IIS6 – The web server service password(s) must be entrusted to the SA or Web Manager.

WG060 IIS6 – The service account ID used to run the web service must have its password changed at least annually.

WG080 IIS6 – A compiler must not be installed on a production web server. – ‘javac.exe search’

WG080 IIS6 – A compiler must not be installed on a production web server. – ‘Lcc-win32.exe search’

WG080 IIS6 – A compiler must not be installed on a production web server. – ‘msc.exe search’

WG080 IIS6 – A compiler must not be installed on a production web server. – ‘msvc.exe search’

WG080 IIS6 – A compiler must not be installed on a production web server. – ‘Python.exe search’

WG130 IIS6 – Programs and features not necessary for operations must be removed.

WG200 IIS6 – Non-administrators must not be allowed access to the directory tree, the shell, or other utilities. – ‘command.com’

WG190 IIS6 – The web server must use a vendor-supported version of the web server software.