Configure the remote access gateway to prevent remotely connected users from unauthorized access to the local files or host system configuration.

From Remote Access Server STIG

Part of SRC-NET-100 Protect remote access configuration

Associated with IA controls: ECSC-1

SV-23846r1_rule Configure the remote access gateway to prevent remotely connected users from unauthorized access to the local files or host system configuration.

Vulnerability discussion

If users are allowed access to system files or configuration applications, they may change the application setting and create a denial of service incident.

Check content

Interview the site representative and review network or operating system SRR or self-assessment documentation.

Fix text

Ensure remote users do not have permissions to access databases, files, and configuration management applications resident on the remote access gateway.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer