Detections
Analytics
WG060 IIS6 - The service account ID used to run the web service must have its password changed at least annually.
Information
Normally, a service account is established for the web service to run under rather than permitting it to run as system or root. The password on such accounts must be changed at least annually. It is a fundamental tenet of security that passwords are not to be null and not to be set to never expire.Review the list of service accounts listed for the web server and ensure the passwords are changed annually.
For IIS or other web server installations that are running as localsystem, the password is changed automatically by the OS every 7 days.
Solution
Configure the service account ID used to run the web site to have its password changed at least annually.See Also
http://iasecontent.disa.mil/stigs/zip/July2015/U_IIS_6-0_V6R16_STIG.zip
Item Details
Audit Name: DISA STIG IIS 6.0 Server v6r16
Category: ACCESS CONTROL
References: 800-53|AC-2j., CAT|II, Rule-ID|SV-38189r1_rule, STIG-ID|WG060_IIS6, Vuln-ID|V-2235
Plugin: Windows
Control ID: dabd0d1d3d01e0a7b29d2aa0cc79add6c0f0c4df43626de0813fdfd65729ff00