Navigate

Check: WINSV-000100

Windows 2008 Domain Controller STIG: WINSV-000100 (in versions v6 r47 through v6 r35)

Title

The Fax service must be disabled if installed. (Cat II impact)

Discussion

Unnecessary services increase the attack surface of a system. Some of these services may not support required levels of authentication or encryption.

Check Content

Run "Services.msc". If the "Fax" service (Service name: Fax) is installed and not disabled, this is a finding.

Fix Text

Remove or disable the "Fax" service (Service name: fax). To remove the "Fax Server" role from a system: Start "Server Manager" Select "Roles" in the left pane. Under "Role Summary" in the right pane, select "Remove Roles". On the "Server Roles" screen, de-select "Fax Server". Click "Next" and "Remove".

Additional Identifiers

Rule ID: SV-83307r1_rule

Vulnerability ID: V-26600

Group Title: Fax Service Disabled

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000381	Configure the system to provide only organization-defined mission essential capabilities.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CM-7	Least Functionality