IIS6
CCE ID
CCE Description
CCE Parameters
CCE Technical Mechanisms
The path of the IIS Web Root folder should be configured correctly.
(1) local path
The IIS Web Root directory should be named appropriately.
(1) directory names
Individual IP addresses should be configured as appropriate for the specified websites.
(1) TARGET: website (2) IP address
The specified websites should be configured to use the appropriate network interfaces.
(1) TARGET: website (2) exist/not exist
The master home directory "Enable Logging" setting should be enabled or disabled as appropriate.
(1) enabled/disabled
(1) Internet Information Services (IIS) Manager GUI: Right Click on Server > Properties > Server > Enable Logging
The master home directory "Read" permission should be enabled or disabled as appropriate.
(1) Internet Information Services (IIS) Manager GUI: Right Click on Server > Properties > Home Directory tab > Read
The master home directory "Write" permission should be enabled or disabled as appropriate.
(1) Internet Information Services (IIS) Manager GUI: Right Click on Server > Properties > Home Directory tab > Write
The master home directory "Script Source Access" permission should be enabled or disabled as appropriate.
(1) Internet Information Services (IIS) Manager GUI: Right Click on Server > Properties > Home Directory tab > Script Source
The master home directory "Directory Browsing" permission should be enabled or disabled as appropriate.
(1) Internet Information Services (IIS) Manager GUI: Right Click on Server > Properties > Home Directory tab > Directory Browsing
The master home directory "Log Visits" permission should be enabled or disabled as appropriate.
(1) Internet Information Services (IIS) Manager GUI: Right Click on Server > Properties > Home Directory tab > Log Visits
The master home directory "Index this resource" permission should be enabled or disabled as appropriate.
(1) none/scripts/scripts&executables
(1) Internet Information Services (IIS) Manager GUI: Right Click on Server > Properties > Home Directory tab > Index this resource
The master home directory "Execute Permissions" permission should be enabled or disabled as appropriate.
(1) Internet Information Services (IIS) Manager GUI: Right Click on Server > Properties > Home Directory tab > Execute Permissions
The master home directory "Anonymous Access" permission for IIS websites should be enabled or disabled as appropriate.
(1) Internet Information Services (IIS) Manager GUI: Right Click on Server > Properties > Directory Security > Authentication and Access Control tab > Anonymous Access
The master home directory "Basic Authentication" setting should be enabled or disabled.
(1) Internet Information Services (IIS) Manager GUI: Right Click on Server > Properties > Directory Security > Authentication and Access Control tab > Authenticated Access
The master home directory "Integrated Windows Authentication" setting should be enabled or disabled.
The "Enable Logging" setting should be enabled or disabled for the specified web server
(1) TARGET: server (2) enabled/disabled
The "Read" permission should be enabled or disabled as appropriate for the home directory of the specified websites.
(1) TARGET: website (2) enabled/disabled
The "Write" privilege should be enabled or disabled as appropriate for the home directory of the specified websites.
The "Script Source Access" permission should be enabled or disabled as appropriate for the home directory of the specified websites.
The "Directory Browsing" permission should be enabled or disabled as appropriate for the home directory of the specified websites.
The "Log Visits" permission should be enabled or disabled as appropriate for the home directory of the specified websites.
The "Index this resource" permission should be enabled or disabled as appropriate for the home directory of the specified websites.
The "Execute Permissions" permission should be set correctly for the specified websites.
(1) TARGET: website (2) none/scripts/scripts&executables
The "Anonymous Access" permission should be enabled or disabled as appropriate for the home directory of the specified websites.
Basic Authentication should be enabled or disabled as appropriate for the specified websites.
Integrated Windows Authentication should be enabled or disabled as appropriate for the specified websites.
The WWW service Special Characters In Shells setting should be enabled or disabled as appropriate.
(1) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W3SVC\Parameters\AllowSpecialCharsInShell
IIS WWW service SSL error logging should be enabled or disabled as appropriate.
(1) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\Schannel\EventLogging
The RDSServer.DataFactory object should be enabled or disabled as appropriate.
(1) exist/not exist
(1) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W3SVC\Parameters\ADCLaunch\RDSServer.Factory
The AdvancedDataFactory object should be enabled or disabled as appropriate.
(1) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W3SVC\Parameters\ADCLaunch\AdvancedDataFactory
The VbBusObj.VbBusObjCls object should be enabled or disabled as appropriate.
(1) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W3SVC\Parameters\ADCLaunch\VbBusObj.VbBusObjCls
The '.printer' extension mapping should be configured as appropriate.
The '.htw' extension mapping should be configured as appropriate.
The '.ida' extension mapping should be configured as appropriate.
The '.idq' extension mapping should be configured as appropriate.
The '.idc' extension mapping should be configured as appropriate.
The '.shtm' extension mapping should be configured as appropriate.
The '.stm' extension mapping should be configured as appropriate.
The '.shtml' extension mapping should be configured as appropriate.
Relative path traversal should be enabled or disabled as appropriate for the specified websites.
(1) TARGET: website (2) enabled/disabled
(1) automatic/manual/disabled
The startup type of the IIS Admin (IISAdmin) service should be correct.
(1) defined by the Services Administrative Tool (2) defined by Group Policy (3) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IISADMIN\Start
(1) set of accounts (2) list of permissions (3) applicability
(1) defined by the object's DACL
The file auditing for the directory \%SystemRoot%\System32\Inetsrv should be configured appropriately.
(1) set of accounts (2) events to audit (3) applicability
(1) defined by the object's SACL
HTTP protocol logging should be enabled or disabled as appropriate for the specified websites.
Date logging should be enabled or disabled as appropriate for the specified websites.
(1) TARGET: website (2) enabled/disabled
Time logging should be enabled or disabled as appropriate for the specified websites.
Client IP Address logging should be enabled or disabled as appropriate for the specified websites.
User name logging should be enabled or disabled as appropriate for the specified websites.
User agent logging should be enabled or disabled as appropriate for the specified websites.
Method logging should be enabled or disabled as appropriate for the specified websites.
URI stem logging should be enabled or disabled as appropriate for the specified websites.
URL query logging should be enabled or disabled as appropriate for the specified websites.
Server IP address logging should be enabled or disabled as appropriate for the specified websites.
Server port logging should be enabled or disabled as appropriate for the specified websites.
Protocol status logging should be enabled or disabled as appropriate for the specified websites.
Win32 status logging should be enabled or disabled as appropriate for the specified websites.
The path of the HTTP Log folder should be configured correctly for the specified websites.
(1) TARGET: website (2) local path
The file auditing for the \Metaback directory should be configured appropriately.
The membership of the IUSR account should be configured correctly.
(1) set of accounts
(1) defined by Local or Group Policy
The IUSR account should be enabled or disabled as appropriate.
(1) valid name
(1) number of bytes
Web-based password reset IIS application mappings (.htr) should be configured correctly.
IIS Sample files should be installed or not as appropriate.
(1) exist/not exist
(1) files in \Inetpub\iissamples
The sample Data Access files should be installed or not as appropriate.
(1) files in \Program Files\Common Files\System\msadc\Samples
IIS Help files should be installed or not as appropriate.
(1) files in %SystemRoot%\help\iishelp
Remote Account password changes should be enabled or disabled as appropriate.
IIS sample Web Printing files should be installed or not as appropriate.
(1) files in %SystemRoot%\web\printers
The execution context of the IIS CGI processes should be configured as appropriate.
(1) 'CreateProcessAsUser' key in IIS metabase file
Server Side Includes command shell should be enabled or disabled as appropriate.
(1) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W3SVC\Parameters\SSIEnableCmdDirective
(1) AuthChangeDisable flag in the Metabase
The "AllowRestrictedChars" setting should be enabled or disabled as appropriate.
(1) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters\AllowRestrictedChars
The "EnableNonUTF8" setting should be enabled or disabled as appropriate.
(1) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters\EnableNonUTF8
The "FavorUTF8" setting should be enabled or disabled as appropriate.
(1) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters\FavorUTF8
The maximum possible size of request headers should be set correctly.
(1) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters\MaxFieldLength
The maximum possible combined size of request line and headers should be set correctly.
(1) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters\MaxRequestBytes
The maximum number of characters in a URL path setting should be set correctly.
(1) number of characters
(1) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters\UrlSegmentMaxLength
The maximum number of URL path segments should be set correctly.
(1) number of URL path segments
(1) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters\UrlSegmentMaxCount
The allowance of %U notation in request URLs should be enabled or disabled as appropriate.
(1) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters\PercentUAllowed
The maximum response size that can be cached in the kernel should be set correctly.
(1) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters\UriMaxUriBytes
The maximum size of the entire request body setting should be set correctly.
(1) MaxRequestEntityAllowed key in IIS metabase file
(1) Internet Information Services (IIS) Manager => Web Sites => => right click Properties => ISAPI Filters => URLScan
The 'Replace a process-level token' setting should be configured as appropriate.
(1) defined by the 'User Rights Assignment' setting in Local Policy
The "Adjust memory quotas for a process" setting should be configured appropriately.
(1) defined by the 'Adjust memory quotas for a process' setting in Local Policy
The startup type of the HTTP SSL (HTTPFilter) service should be configured correctly.
(1) defined by the Services Administrative Tool (2) defined by Group Policy
The identity of the IIS Application Pools service should be set correctly.
(1) type of service
(1) Internet Information Services (IIS) Manager => Application Pools => right click Properties => Identity Tab => non-privileged account
The worker process isolation should be configured appropriately.
(1) Internet Information Services (IIS) Manager => Web Sites => right click Properties => Services => Run WWW service in IIS 5.0
The IIS Application Pool "Recycle worker process (in minutes)" setting should be enabled or disabled as appropriate for the specified application pools.
(1) TARGET: application pool (2) enabled/disabled
(1) Internet Information Services (IIS) Manager => Application Pools => => right click Properties => Recycling => Recycle worker processes (in minutes)
The IIS Application Pool "Recycle worker process (in minutes)" setting should be set as appropriate for the specified application pools.
(1) TARGET: application pool (2) number of minutes
The IIS Application Pool "Recycle worker process (number of requests)" setting should be enabled or disabled as appropriate for the specified application pools.
(1) Internet Information Services (IIS) Manager => Application Pools => => right click Properties => Recycling => Recycle worker processes (number of requests)
The IIS Application Pool "Recycle worker process (number of requests)" setting should be set as appropriate for the specified application pools.
(1) TARGET: application pool (2) number of requests
The IIS Application Pool "Maximum virtual memory (in megabytes)" setting should be enabled or disabled as appropriate for the specified application pools.
(1) Internet Information Services (IIS) Manager => Application Pools => => right click Properties => Recycling => Maximum virtual memory (in megabytes)
The IIS Application Pool "Maximum virtual memory (in megabytes)" setting should be set correctly for the specified application pools.
(1) TARGET: application pool (2) number of megabytes
The IIS Application Pool "Maximum used memory (in megabytes)" setting should be enabled or disabled as appropriate for the specified application pools.
(1) Internet Information Services (IIS) Manager => Application Pools => => right click Properties => Recycling => Maximum used memory (in megabytes)
The IIS Application Pool "Maximum used memory (in megabytes)" setting should be set correctly for the specified application pools.
The IIS Application Pool "Shutdown worker processes after being idle (time in minutes)" setting should be enabled or disabled as appropriate for the specified application pools.
(1) Internet Information Services (IIS) Manager => Application Pools => => right click Properties => Performance => Shutdown worker processes after being idle (time in minutes)
The IIS Application Pool "Shutdown worker processes after being idle (time in minutes)" setting should be set correctly for the specified application pools.
The IIS Application Pool "Limit the kernel request queue (number of requests)" setting should be enabled or disabled as appropriate for the specified application pools.
(1) Internet Information Services (IIS) Manager => Application Pools => => right click Properties => Performance => Limit the kernel request queue (number of requests)
The IIS Application Pool "Limit the kernel request queue (number of requests)" setting should be set correctly for the specified application pools.
The IIS Application Pool "Enable pinging" setting should be enabled or disabled as appropriate for the specified application pools.
(1) Internet Information Services (IIS) Manager => Application Pools => => right click Properties => Health => Enable pinging
The IIS Application Pool "Ping worker process every (frequency in seconds)" setting should be set correctly for the specified application pools.
(1) TARGET: application pool (2) number of seconds
(1) Internet Information Services (IIS) Manager => Application Pools => => right click Properties => Health => Ping worker process every (frequency in seconds)
The IIS Application Pool "Enable rapid-fail protection" setting should be enabled or disabled as appropriate for the specified application pools.
(1) Internet Information Services (IIS) Manager => Application Pools => => right click Properties => Health => Enable rapid-fail protection
The IIS Application Pool "Enable rapid-fail protection - Failures" setting should be set correctly for the specified application pools.
(1) TARGET: application pool (2) number of failures
(1) Internet Information Services (IIS) Manager => Application Pools => => right click Properties => Health => Enable rapid-fail protection - Failures
The IIS Application Pool "Enable rapid-fail protection - Time Period" setting should be set correctly for the specified application pools.
(1) Internet Information Services (IIS) Manager => Application Pools => => right click Properties => Health => Enable rapid-fail protection - Time Period
The required auditing settings for the MetaBase.xml file should be assigned for the specified websites.
(1) defined by the object's SACL
Cert-In Securing IIS 6.0 Web Server
4.2.6 Securing the Web Site Directory and Content, pg 21
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/1c1d212b-18ae-414a-b5ec-eaf5b000a0c3.mspx?mfr=true
http://technet.microsoft.com/en-us/library/cc779359%28v=ws.10%29.aspx
Table 6: Web Site Permissions That Are Supported by IIS 6.0 pg 21
4.2.2 Authentication pg 16
https://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/035dcfd0-9a36-4788-b3b6-91dc6a9d9936.mspx?mfr=true
https://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/f85f0f16-4fea-4852-980c-4982d53c9948.mspx?mfr=true
https://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/5f8fe119-4095-4094-bba5-7dec361c7afe.mspx?mfr=true
http://msdn.microsoft.com/en-us/library/aa711451%28v=vs.71%29.aspx
http://support.microsoft.com/kb/260729
http://technet.microsoft.com/en-us/security/bulletin/fq99-025
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/7b55d524-60fc-4420-807b-e1797658088a.mspx?mfr=true
Rule Title: The web document (home) directory must be on a separate partition from the web servers system files. STIG ID: WG205 IIS6 Rule ID: SV-30041r2_rule Vuln ID: V-3333
Rule Title: Web server system files must conform to minimum file permission requirements. STIG ID: WG300 IIS6 Rule ID: SV-38327r1_rule Vuln ID: V-2259
Rule Title: Logs of web server access and errors must be established and maintained. STIG ID: WG240 IIS6 Rule ID: SV-38065r1_rule Vuln ID: V-2250
Rule Title: The IIS web site permissions "Write" or "Script Source" must not be selected. STIG ID: WA000-WI092 IIS6 Rule ID: SV-38020r1_rule Vuln ID: V-13699
Rule Title: Directory browsing must be disabled. STIG ID: WA000-WI090 IIS6 Rule ID: SV-38016r1_rule Vuln ID: V-6755
Rule Title: Indexing Services must only index web content. STIG ID: WA000-WI070 IIS6 Rule ID: SV-38011r1_rule Vuln ID: V-3963
Rule Title: Unused and vulnerable script mappings in IIS 6 must be removed. STIG ID: WA000-WI050 IIS6 Rule ID: SV-16145r2_rule Vuln ID: V-2267
Rule Title: Interactive scripts must have proper access controls. STIG ID: WG410 IIS6 Rule ID: SV-28848r2_rule Vuln ID: V-2229
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/2df6ff66-da04-4e7c-997d-8f7aa46af8c8.mspx?mfr=true
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/ebf1885b-7217-4ac6-93a3-633ef248bc8f.mspx?mfr=true
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/676400bc-8969-4aa7-851a-9319490a9bbb.mspx?mfr=true
http://support.microsoft.com/kb/271071
Rule Title: The AllowRestrictedChars registry key must be disabled. STIG ID: WA000-WI6080 IIS6 Rule ID: SV-38160r1_rule Vuln ID: V-13714
Rule Title: The EnableNonUTF8 registry key must be disabled. STIG ID: WA000-WI6082 IIS6 Rule ID: SV-38161r1_rule Vuln ID: V-13715
Rule Title: The FavorUTF8 registry key must be set properly. STIG ID: WA000-WI6084 IIS6 Rule ID: SV-38162r1_rule Vuln ID: V-13716
Rule Title: The MaxFieldLength registry entry must be set properly. STIG ID: WA000-WI6086 IIS6 Rule ID: SV-38163r1_rule Vuln ID: V-13717
Rule Title: The MaxRequestBytes registry entry must be set properly. STIG ID: WA000-WI6088 IIS6 Rule ID: SV-38164r1_rule Vuln ID: V-13718
Rule Title: The UrlSegmentMaxLength registry entry must be set properly. STIG ID: WA000-WI6090 IIS6 Rule ID: SV-38165r1_rule Vuln ID: V-13719
Rule Title: The UrlSegmentMaxCount registry entry must be set properly. STIG ID: WA000-WI6096 IIS6 Rule ID: SV-38168r1_rule Vuln ID: V-13722
Rule Title: The PercentUAllowed registry entry must be set properly. STIG ID: WA000-WI6092 IIS6 Rule ID: SV-38166r1_rule Vuln ID: V-13720
Rule Title: The UriMaxUriBytes registry entry must be set properly. STIG ID: WA000-WI6094 IIS6 Rule ID: SV-38167r1_rule Vuln ID: V-13721
Rule Title: The MaxRequestEntityAllowed metabase value must be defined. STIG ID: WA000-WI6098 IIS6 Rule ID: SV-38047r1_rule Vuln ID: V-13723
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/3648346f-e4f5-474b-86c7-5a86e85fa1ff.mspx?mfr=true
Rule Title: The web site must have a unique application pool. STIG ID: WA000-WI6010 IIS6 Rule ID: SV-38137r1_rule Vuln ID: V-13703
The Recycle Worker processes in minutes monitor must be set properly. STIG ID: WA000-WI6020 IIS6 Rule ID: SV-38134r1_rule Vuln ID: V-13704
Rule Title: The maximum number of requests an application pool can process must be set. STIG ID: WA000-WI6022 IIS6 Rule ID: SV-38132r1_rule Vuln ID: V-13705
Rule Title: The maximum virtual memory monitor must be enabled. STIG ID: WA000-WI6024 IIS6 Rule ID: SV-38033r1_rule Vuln ID: V-13706
Rule Title: The maximum used memory monitor must be enabled. STIG ID: WA000-WI6026 IIS6 Rule ID: SV-38130r1_rule Vuln ID: V-13707
Rule Title: The Shutdown worker processes Idle Timeout monitor must be enabled. STIG ID: WA000-WI6028 IIS6 Rule ID: SV-38125r1_rule Vuln ID: V-13708
Rule Title: The Limit the kernel request queue monitor must be enabled STIG ID: WA000-WI6030 IIS6 Rule ID: SV-38123r1_rule Vuln ID: V-13709
Rule Title: The Enable pinging monitor must be enabled. STIG ID: WA000-WI6032 IIS6 Rule ID: SV-38043r1_rule Vuln ID: V-13710
Rule Title: The Enable rapid-fail protection monitor must be enabled. STIG ID: WA000-WI6034 IIS6 Rule ID: SV-38044r1_rule Vuln ID: V-13711
Rule Title: The Enable rapid-fail time period monitor must be enabled. STIG ID: WA000-WI6036 IIS6 Rule ID: SV-38045r1_rule Vuln ID: V-13712
Rule Title: Anonymous access accounts must be restricted. STIG ID: WG195 IIS6 Rule ID: SV-29351r2_rule Vuln ID: V-6537 Severity: CAT I Class: Unclass
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/8f8364a3-5d84-48fd-b6a7-044dad20c413.mspx?mfr=true
The IWAM account should be configured correctly.
(1) WAMUserName Metabase Property
Rule Title: The web client account access to the content and scripts directories must be limited to read and execute. STIG ID: WG290 IIS6 Rule ID: SV-30020r2_rule Vuln ID: V-2258
Rule Title: The IISADMPWD directory must be removed from the Web server. STIG ID: WA000-WI035 IIS6 Rule ID: SV-38148r1_rule Vuln ID: V-13698 Severity: CAT I Class: Unclass
Rule Title: All web server documentation, sample code, example applications, and tutorials must be removed from a production web server. STIG ID: WG385 IIS6 Rule ID: SV-38330r1_rule Vuln ID: V-13621
http://msdn.microsoft.com/en-us/library/ff648653.aspx
Rule Title: Log file data must contain required data elements. STIG ID: WG242 IIS6 Rule ID: SV-28653r2_rule Vuln ID: V-13688 Severity: CAT II Class: Unclass
STIG IIS6 Site Version: 6 Release: 13 Benchmark Date: 28 Oct 2011
STIG IIS6 Server Version: 6 Release: 13 Benchmark Date: 28 Oct 2011
The URLScan ISAPI filters should be configured correctly for the specified websites.
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/f9b564d2-d245-4241-ba0d-266a896ca663.mspx?mfr=true
(1) Internet Information Services (IIS) Manager GUI: Server > Right Click on the specified website > Properties > Home Directory tab
(1) Internet Information Services (IIS) Manager GUI: Server > Right Click on the specified website > Properties > Server > Web Site Identification > IP address
(1) Internet Information Services (IIS) Manager GUI: Server > Right Click on the specified website > Properties > Server > Web Site Identification > All Unassigned
(1) Internet Information Services (IIS) Manager GUI: Server > Right Click on the specified website > Properties > Server > Enable Logging
(1) Internet Information Services (IIS) Manager GUI: Right Click on the specified website > Properties > Home Directory tab > Read
(1) Internet Information Services (IIS) Manager GUI: Server > Right Click on the specified website > Properties > Home Directory tab > Write
(1) Internet Information Services (IIS) Manager GUI: Server > Right Click on the specified website > Properties > Home Directory tab > Directory Browsing
(1) Internet Information Services (IIS) Manager GUI: Server > Right Click on the specified website > Properties > Home Directory tab > Log Visits
(1) Internet Information Services (IIS) Manager GUI: Server > Right Click on the specified website > Properties > Home Directory tab > Index this resource
(1) Internet Information Services (IIS) Manager GUI: Server > Right Click on the specified website > Properties > Home Directory tab > Execute Permissions
(1) Internet Information Services (IIS) Manager GUI: Server > Right Click on the specified website > Properties > Directory Security > Authentication and Access Control tab > Anonymous Access
(1) Internet Information Services (IIS) Manager GUI: Server > Right Click on the specified website > Properties > Directory Security > Authentication and Access Control tab > Authenticated Access
(1) Internet Information Service Manager > Server > Right Click on the specified website > Properties > Home Directory tab > Configuration button > App Mappings tab
(1) Internet Information Service Manager > Server > Right Click on the specified website > Properties > Home Directory tab > Configuration button > Enable Parent Paths
(1) Internet Information Service Manager > Server > Right Click on the specified website > Properties > Website Tab > W3C Extended Log File Format > Properties > Extended Properties
(1) Internet Information Service Manager > Server > Right Click on the specified website > Properties > Website Tab > Properties
(1) Internet Service manager > Server > Right Click on the specified website > Properties > Home Directory tab > Configuration button > App Mappings tab
Permissions on the Inetpub directory should be set appropriately.
Permissions on the inetsrv directory should be set appropriately.
Permissions on inetsrv\asp.dll should be set appropriately.
Permissions on the Web Root "Images" directory should be set appropriately.
Permissions on the Web Root "scripts" directory should be set appropriately.
Permissions on the Web Root "executables" directory should be set appropriately.
Permissions on the Web Root "docs" directory should be set appropriately.
Permissions on the Web Root "home" directory should be set appropriately.
Permissions on the Web Root "include" directory should be set appropriately.
Permissions on the Web Root directory should be set appropriately.
Permissions on the default Logfiles directory should be set appropriately.
The file auditing for the Inetpub directory should be configured appropriately.
The file auditing for the Web Root directory should be configured appropriately.
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/ed3c22ba-39fc-4332-bdb7-a0d9c76e4355.mspx?mfr=true
CCE-19815-0 CCE-19592-5 CCE-19534-7 CCE-19871-3 CCE-19689-9 CCE-19133-8 CCE-20048-5 CCE-20017-0 CCE-19479-5 CCE-19263-3 CCE-19322-7 CCE-19625-3 CCE-19903-4 CCE-19259-1 CCE-19685-7 CCE-19932-3 CCE-19506-5 CCE-19406-8 CCE-20005-5 CCE-19655-0 CCE-19324-3 CCE-19092-6 CCE-19716-0 CCE-19138-7 CCE-19867-1 CCE-19628-7 CCE-19432-4 CCE-19790-5 CCE-20065-9 CCE-19711-1 CCE-19384-7 CCE-19690-7 CCE-20023-8 CCE-19768-1 CCE-19946-3 CCE-19365-6 CCE-19527-1 CCE-19732-7 CCE-20043-6 CCE-19545-3 CCE-20044-4 CCE-19751-7 CCE-20034-5 CCE-19792-1 CCE-20014-7 CCE-19433-2 CCE-19643-6 CCE-19332-6 CCE-20083-2 CCE-19801-0 CCE-19618-8 CCE-20052-7 CCE-19888-7 CCE-20077-4 CCE-19977-8 CCE-20029-5 CCE-19884-6 CCE-20024-6 CCE-19615-4 CCE-19678-2
CCE-19753-3 CCE-19683-2 CCE-19167-6 CCE-20028-7 CCE-19606-3 CCE-19838-2 CCE-19684-0 CCE-19940-6 CCE-20080-8 CCE-20026-1 CCE-19641-0 CCE-19362-3 CCE-19611-3 CCE-20015-4 CCE-19988-5 CCE-19691-5 CCE-20020-4 CCE-19737-6 CCE-19956-2 CCE-19797-0 CCE-19991-9 CCE-19763-2 CCE-19713-7 CCE-19270-8 CCE-19942-2 CCE-19665-9 CCE-19860-6 CCE-19823-4 CCE-19843-2 CCE-19799-6 CCE-20067-5 CCE-19097-5 CCE-20046-9 CCE-19288-0 CCE-20091-5 CCE-19840-8 CCE-19954-7 CCE-19157-7 CCE-19414-2 CCE-20054-3 CCE-19672-5 CCE-19934-9 CCE-19437-3 CCE-19633-7 CCE-20004-8 CCE-19442-3 CCE-19597-4 CCE-19912-5 CCE-20002-2 CCE-19160-1 CCE-20073-3 CCE-20069-1 CCE-20141-8 CCE-20055-0 CCE-19927-3Microsoft Online DocumentationLast modfied: 2013-02-11Version: 5.20130214:2 358n; 9? BEY4H9J LdO6#RSZvU$Ws^Z \S M_ a(f2jgosv y}6 up]ZxH  FP&0vV`Ф6@ fcc PK![Content_Types].xmlN0EH-J@%ǎǢ|ș$زULTB l,3;rØJB+$G]7O٭VMԯNDJ++2a,/$nECA6٥D-ʵ? dXiJF8,nx (MKoP(\HbWϿ})zg'8yV#x'˯?oOz3?^?O?~B,z_=yǿ~xPiL$M>7Ck9I#L nꎊ)f>\<|HL|3.ŅzI2O.&e>Ƈ8qBۙ5toG1sD1IB? }J^wi(#SKID ݠ1eBp{8yC]$f94^c>Y[XE>#{Sq c8 >;-&~ ..R(zy s^Fvԇ$*cߓqrB3' }'g7t4Kf"߇ފAV_] 2H7Hk;hIf;ZX_Fڲe}NM;SIvưõ[H5Dt(?]oQ|fNL{d׀O&kNa4%d8?L_H-Ak1h fx-jWBxlB -6j>},khxd׺rXg([x?eޓϲكkS1'|^=aѱnRvPK! ѐ'theme/theme/_rels/themeManager.xml.relsM 0wooӺ&݈Э5 6?$Q ,.aic21h:qm@RN;d`o7gK(M&$R(.1r'JЊT8V"AȻHu}|$b{P8g/]QAsم(#L[PK-![Content_Types].xmlPK-!֧6 0_rels/.relsPK-!kytheme/theme/themeManager.xmlPK-!0ktheme/theme/theme1.xmlPK-! 
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/f9b564d2-d245-4241-ba0d-266a896ca663.mspx?mfr=true
Author: Sain, Joseph A.