COM+ Internet Services (CIS) Server Detection

info Nessus Plugin ID 10761
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

A COM+ Internet Services (CIS) server is listening on this port.

Description

COM+ Internet Services are RPC over HTTP tunneling and require IIS to operate. CIS ports shouldn't be visible on internet but only behind a firewall.

Solution

If you do not use this service, disable it with DCOMCNFG.

Otherwise, limit access to this port.

See Also

http://www.nessus.org/u?d02f7e6e

https://support.microsoft.com/en-us/support/kb/articles/q282/2/61.asp

Plugin Details

Severity: Info

ID: 10761

File Name: ncacn_http.nasl

Version: 1.14

Type: remote

Agent: windows

Family: Windows

Published: 9/14/2001

Updated: 11/22/2019

Dependencies: find_service1.nasl

Asset Inventory: true