Check: WN10-00-000395
Microsoft Windows 10 STIG: WN10-00-000395 (in versions v3 r2 through v2 r8)
Title
Windows 10 must not have portproxy enabled or in use. (Cat II impact)
Discussion
Having portproxy enabled or configured in Windows 10 could allow a man-in-the-middle attack.
Check Content
Check the following registry key for the existence of proxied ports: HKLM\SYSTEM\CurrentControlSet\Services\PortProxy\. If the key contains v4tov4\tcp\, or v4tov4\tcp\ is populated, this is a finding. Run "netsh interface portproxy show all". If the command displays any results, this is a finding.
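Both checks above combined into one read-only PowerShell function, as an added example that is not part of the STIG text. The function name `Test-PortProxyFinding`, its `-BasePath` parameter and the output property names are hypothetical.

```powershell
# Added example: read-only audit for WN10-00-000395. Makes no changes to the system.
function Test-PortProxyFinding {
    [CmdletBinding()]
    param(
        # Registry key named in the Check Content. Exposed as a parameter
        # (an assumption of this example) so a test key can be substituted.
        [string]$BasePath = 'HKLM:\SYSTEM\CurrentControlSet\Services\PortProxy'
    )

    # Check 1: does v4tov4\tcp exist, and is it populated?
    $tcpPath   = "$BasePath\v4tov4\tcp"
    $keyExists = Test-Path -LiteralPath $tcpPath
    $entries   = @()
    if ($keyExists) {
        $key = Get-Item -LiteralPath $tcpPath
        foreach ($name in $key.GetValueNames()) {
            # Value name holds the listen address/port, value data the connect address/port.
            $entries += [pscustomobject]@{
                Listen    = $name
                ConnectTo = $key.GetValue($name)
            }
        }
    }

    # Check 2: any output from netsh is a finding.
    # Blank lines are dropped so that an empty listing counts as "no results".
    $netshLines = @(
        & netsh.exe interface portproxy show all 2>&1 |
            ForEach-Object { "$_".Trim() } |
            Where-Object { $_ }
    )

    [pscustomobject]@{
        CheckId            = 'WN10-00-000395'
        RegistryKeyPresent = $keyExists
        RegistryEntries    = $entries
        NetshOutput        = $netshLines
        # Either condition alone is a finding, as the Check Content states.
        Finding            = ($keyExists -or ($netshLines.Count -gt 0))
    }
}

Test-PortProxyFinding | Format-List
```

The `RegistryEntries` and `NetshOutput` properties record which forwarding rules triggered the finding, so they can be reviewed before anything is removed under the Fix Text.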
Fix Text
Contact the Administrator to run "netsh interface portproxy delete" with elevation. Remove any enabled portproxies that may be configured.
Additional Identifiers
Rule ID: SV-257593r991589_rule
Vulnerability ID: V-257593
Group Title: SRG-OS-000480-GPOS-00227
CCIs
Number | Definition |
---|---|
CCI-000381 | Configure the system to provide only organization-defined mission essential capabilities. |
Controls
Number | Title |
---|---|
CM-7 | Least Functionality |