Detections
Analytics

1.44 WN10-00-000395

Information

Windows 10 must not have portproxy enabled or in use.

GROUP ID: V-257593RULE ID: SV-257593r991589

Having portproxy enabled or configured in Windows 10 could allow a man-in-the-middle attack.

Solution

Contact the Administrator to run 'netsh interface portproxy delete' with elevation. Remove any enabled portproxies that may be configured.

See Also

https://workbench.cisecurity.org/benchmarks/23869

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7, 800-53|CM-7a., CCI|CCI-000381, Rule-ID|SV-257593r991589_rule, STIG-ID|WN10-00-000395, Vuln-ID|V-257593

Plugin: Windows

Control ID: 8c35c605837dbf69517457f3e4035b3a9e89ebcce61186f64b2ee4b1fa0b2104