WG242 IIS6 - Log file data must contain required data elements. - 'Logging Properties Set Correctly'

Information

The use of log files is a critical component of the operation of the Information Systems (IS) used within the DoD, and they can provide invaluable assistance with regard to damage assessment, causation, and the recovery of both affected components and data. They may be used to monitor accidental or intentional misuse of the (IS) and may be used by law enforcement for criminal prosecutions. The use of log files is a requirement within the DoD.

NOTE: Review the found shares and ensure the web content directories are not being shared.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

1. Open the IIS Manager > Right click on the website being reviewed > Select Properties > Select the Web Site tab.
2. Ensure Enable logging is selected.
3. Select the Properties button > Select the Advance tab.
4. Under the Extended logging options check the following:

Date, Time, Client IP Address, User Name, Method, URI Query, Http Protocol Status and Referrer

5. Select OK.

See Also

http://iasecontent.disa.mil/stigs/zip/July2015/U_IIS_6-0_V6R16_STIG.zip

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-3, CAT|II, Rule-ID|SV-28653r1_rule, STIG-ID|WG242_IIS6, Vuln-ID|V-13688

Plugin: Windows

Control ID: 3df6c589c6b105e5fe0e5eb80f30523f1e64f07abef348d83ee96f2f165a4b8a