| DISA_IIS_6.0_Web_Server_v6r16.audit from DISA Microsoft IIS 6.0 Server v6r16 STIG | |
| WA000-WI035 - The IISADMPWD directory has not been removed from the Web Server - permissions | |
| WA000-WI035 - The IISADMPWD directory has not been removed from the Web Server. | CONFIGURATION MANAGEMENT |
| WA000-WI080 IIS6 - The IIS Internet Printing Protocol must be disabled. | CONFIGURATION MANAGEMENT |
| WA000-WI100 IIS6 - The File System Object component, if not required, must be disabled. - '{0D43FE01-F093-11CF-8940-00A0C9054228} Check' | CONFIGURATION MANAGEMENT |
| WA000-WI100 IIS6 - The File System Object component, if not required, must be disabled. - 'Scripting.FileSystemObject Check' | CONFIGURATION MANAGEMENT |
| WA000-WI110 IIS6 - The command shell options must be disabled. | ACCESS CONTROL |
| WA000-WI6080 IIS6 - The AllowRestrictedChars registry key must be disabled. | SYSTEM AND INFORMATION INTEGRITY |
| WA000-WI6082 IIS6 - The EnableNonUTF8 registry key must be disabled. | SYSTEM AND INFORMATION INTEGRITY |
| WA000-WI6084 IIS6 - The FavorUTF8 registry key must be set properly. | SYSTEM AND INFORMATION INTEGRITY |
| WA000-WI6086 IIS6 - The MaxFieldLength registry entry must be set properly. | SYSTEM AND COMMUNICATIONS PROTECTION |
| WA000-WI6088 IIS6 - The MaxRequestBytes registry entry must be set properly. | SYSTEM AND COMMUNICATIONS PROTECTION |
| WA000-WI6090 IIS6 - The UrlSegmentMaxLength registry entry must be set properly. | SYSTEM AND COMMUNICATIONS PROTECTION |
| WA000-WI6092 IIS6 - The PercentUAllowed registry entry must be set properly. | SYSTEM AND INFORMATION INTEGRITY |
| WA000-WI6094 IIS6 - The UriMaxUriBytes registry entry must be set properly. | SYSTEM AND COMMUNICATIONS PROTECTION |
| WA000-WI6096 IIS6 - The UrlSegmentMaxCount registry entry must be set properly. | SYSTEM AND COMMUNICATIONS PROTECTION |
| WA060 IIS6 - A public web server, if hosted on the NIPRNet, must be isolated in an accredited DoD DMZ Extension. | |
| WA070 IIS6 - A private web server must be located on a separate controlled access subnet. | |
| WA120 IIS6 - Administrative users and groups with access privilege to the web server must be documented. | |
| WA140 IIS6 - Web server content and configuration files must be part of a routine backup program. | |
| WA155 IIS6 - Classified web servers must be afforded physical security commensurate with the classification of its content. | |
| WA230 IIS6 - The site software used with the web server must have all applicable security patches applied and documented. | |
| WG040 IIS6 - Public web server resources must not be shared with private assets. | CONFIGURATION MANAGEMENT |
| WG050 IIS6 - The web server service password(s) must be entrusted to the SA or Web Manager. | |
| WG060 IIS6 - The service account ID used to run the web service must have its password changed at least annually. | ACCESS CONTROL |
| WG080 IIS6 - A compiler must not be installed on a production web server. - 'javac.exe search' | CONFIGURATION MANAGEMENT |
| WG080 IIS6 - A compiler must not be installed on a production web server. - 'Lcc-win32.exe search' | CONFIGURATION MANAGEMENT |
| WG080 IIS6 - A compiler must not be installed on a production web server. - 'msc.exe search' | CONFIGURATION MANAGEMENT |
| WG080 IIS6 - A compiler must not be installed on a production web server. - 'msvc.exe search' | CONFIGURATION MANAGEMENT |
| WG080 IIS6 - A compiler must not be installed on a production web server. - 'Python.exe search' | CONFIGURATION MANAGEMENT |
| WG130 IIS6 - Programs and features not necessary for operations must be removed. | CONFIGURATION MANAGEMENT |
| WG190 IIS6 - The web server must use a vendor-supported version of the web server software. | SYSTEM AND INFORMATION INTEGRITY |
| WG195 IIS6 - Anonymous access accounts must be restricted. | ACCESS CONTROL |
| WG200 IIS6 - Non-administrators must not be allowed access to the directory tree, the shell, or other utilities. - 'cmd.exe' | |
| WG200 IIS6 - Non-administrators must not be allowed access to the directory tree, the shell, or other utilities. - 'command.com' | |
| WG204 IIS6 - A web server must not be co-hosted with other services | CONFIGURATION MANAGEMENT |
| WG220 IIS6 - Access to web administration tools must be restricted to the Web Manager and the Web Manager's designees. | |
| WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub' | CONFIGURATION MANAGEMENT |
| WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\AdminScripts' | CONFIGURATION MANAGEMENT |
| WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\ftproot' | CONFIGURATION MANAGEMENT |
| WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\ftproot\dropbox' | CONFIGURATION MANAGEMENT |
| WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\ftproot\ftpfiles' | CONFIGURATION MANAGEMENT |
| WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\mailroot' | CONFIGURATION MANAGEMENT |
| WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\wwwroot' | CONFIGURATION MANAGEMENT |
| WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\wwwroot\docs' | CONFIGURATION MANAGEMENT |
| WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\wwwroot\images' | CONFIGURATION MANAGEMENT |
| WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\wwwroot\scripts' | CONFIGURATION MANAGEMENT |
| WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\system32\inetsrv' | CONFIGURATION MANAGEMENT |
| WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\system32\inetsrv\*.bat | CONFIGURATION MANAGEMENT |
| WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\system32\inetsrv\*.exe' | CONFIGURATION MANAGEMENT |
