Detections
Analytics
WG290 IIS6 - The web client account access to the content and scripts directories must be limited to read and execute.
Information
Excessive permissions for the anonymous web user account are one of the most common faults contributing to the compromise of a web server. If this user is able to upload and execute files on the web server, the organization or owner of the server will no longer have control of the asset.NOTE: Update ANONYMOUS_ACCOUNT and CONTENT_DIR with the appropriate values for the local environment.
Solution
Disable Script source access, Write, and Directory browsing permissions on the web site, its sub-directories (including virtual directories), and files.Limit the anonymous account permissions to read & execute or less for the local paths (including their content).
See Also
http://iasecontent.disa.mil/stigs/zip/July2015/U_IIS_6-0_V6R16_STIG.zip
Item Details
Audit Name: DISA STIG IIS 6.0 Site Checklist v6r16
References: CAT|I, Rule-ID|SV-30020r1_rule, STIG-ID|WG290_IIS6, Vuln-ID|V-2258
Plugin: Windows
Control ID: d0854f3035fd873f151ddc62244086447ffbb191e37854abfdad4e5145b8c194