From Apache Server 2.4 Windows Server Security Technical Implementation Guide
Part of SRG-APP-000435-WSR-000147
Associated with: CCI-002385
An attacker has at least two reasons to stop a web server. The first is to cause a denial of service (DoS), and the second is to put in place changes the attacker made to the web server configuration.
Right-click <'Install Path'>\bin\httpd.exe. Click "Properties" from the "Context" menu. Select the "Security" tab. Review the groups and user names. The following account may have Full control privileges: TrustedInstaller Web Managers Web Manager designees The following accounts may have read and execute, or read permissions: Non Web Manager Administrators ALL APPLICATION PACKAGES (built-in security group) SYSTEM Users Specific users may be granted read and execute and read permissions. Compare the local documentation authorizing specific users against the users observed when reviewing the groups and users. If any other access is observed, this is a finding.
Restrict access to the web administration tool to only the Web Manager and the Web Manager's designees.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer