An error occurred:

Check: WN11-00-000395

Microsoft Windows 11 STIG: WN11-00-000395 (in versions v1 r6 through v1 r5)

Title

Windows 11 must not have portproxy enabled or in use. (Cat II impact)

Discussion

Having portproxy enabled or configured in Windows 10 could allow a man-in-the-middle attack.

Check Content

Check the registry key for existence of proxied ports: HKLM\SYSTEM\CurrentControlSet\Services\PortProxy\. If the key contains v4tov4\tcp\ or is populated v4tov4\tcp\, this is a finding. Run "netsh interface portproxy show all". If the command displays any results, this is a finding.

Fix Text

Contact the Administrator to run "netsh interface portproxy delete" with elevation. Remove any enabled portproxies that may be configured.

Additional Identifiers

Rule ID: SV-257592r922047_rule

Vulnerability ID: V-257592

Group Title: SRG-OS-000480-GPOS-00227

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000381

The organization configures the information system to provide only essential capabilities.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
CM-7

Least Functionality