Hi,
I'm working on a cut down version of the CIS Benchmark for IIS5.0 and 6.0 for Microsoft Windows 2000, XP and Server 2003 v 1.0 which comes with CCS.
The pre-defined checks in this standard have been reduced in number to ones relevant to the requirement.
However whilst the Standard when run is returning Pass/Fail state for certain checks, for a lot of the checks it returns an Unknown.
These checks which return an Unknown generally relate to the IIS6 Metabase / ASP.NET
I've asked regarding permissions on the account, which are set correctly as far as I can see. I've verified Local Administrator access as detailed in the following article:
http://www.symantec.com/business/support//index?page=content&pmv=print&impressions=&viewlocale=&id=HOWTO83950
It's running on CCS11, agentless collection, there doesn't seem to be any issue when checking Registry or Folder settings, just around Metabase/ASP.NET settings.
I have manually jumped onto one of the assets in scope for the standard to be run against and verified expected settings are in place, which should return Pass/Fail based on the check.
Examples of the checks which are returning Unknowns are:-
3.3.1 Is Server-side Application Debugging not allowed?
3.6.1 Are ASP Error Messages sent to Browser?
3.8.1 Is the ASP session timeout set to 10 minutes or less?
3.14.4 Has the msw3prt.dll been deleted?
4.6.2 Has the default re-direct been set to a custom error page?
Has anyone experience of running these OoB Standards and getting a Pass/Fail returned for checks around Metabase/ASP.NET
I'm doing a similar excersise with IIS7/7.5 but that is returning ok, as it's querying via WMI.
Are there any additional permissions or configuration which is required, in order for these OoB checks to work?
I'm currently thinking along the lines of permissions/not able to query the data from the asset?
Thanks
S.