[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Specify channel binding token hardening level

ID: oval:org.secpod.oval:def:19460Date: (C)2014-05-29   (M)2023-07-04
Class: COMPLIANCEFamily: windows




The Specify channel binding token hardening level machine setting should be configured correctly. This policy setting allows you to set the hardening level of the Windows Remote Management (WinRM) service with regard to channel binding tokens. If you enable this policy setting, the WinRM service uses the level specified in HardeningLevel to determine whether or not to accept a received request, based on a supplied channel binding token. If you disable or do not configure this policy setting, you may configure the hardening level locally on each computer. If HardeningLevel is set to Strict, any request not containing a valid channel binding token will be rejected. If HardeningLevel is set to Relaxed (default value), any request containing an invalid channel binding token will be rejected. However, a request that does not contain any channel binding token will be accepted (though it will not be protected from credential-forwarding attacks). If HardeningLevel is set to None, all requests will be accepted (though they will not be protected from credential-forwarding attacks) Fix: (1) GPO: Computer Configuration\Administrative Templates\Windows Components\Windows Remote Management (WinRM)\WinRM Service\Specify channel binding token hardening level (2) KEY: HKLM\Software\Policies\Microsoft\Windows\WinRM\Service\CBTHardeningLevelStatus

Platform:
Microsoft Windows Server 2008 R2
Reference:
CCE-11875-2
CPE    1
cpe:/o:microsoft:windows_server_2008:r2
CCE    1
CCE-11875-2
XCCDF    1
xccdf_org.secpod_benchmark_general_Windows_Server_2008_R2

© SecPod Technologies