| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| SCHR-P3-DP-001 | 164.231.170.44 | 2026-03-12 | |||
Finding DetailsEvaluate-STIG 1.2601.0 (Scan-NETFramework4_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: D494EFC0B5BFFA0F47A4414E95B31461DB797F2D ~~~~~ No machine.config or *.exe.config files found with 'defaultProxy enabled=false' or with 'bypasslist', 'module', or 'proxy' elements. Comments |
|||||
Check Text
Open Windows explorer and search for all "*.exe.config" and "machine.config" files. The referenced file is in the WinSxS directory (original source component file used when the Windows component was installed). If the files under WinSxS are read-only and cannot be modified, this is not a finding. Search each file for the "defaultProxy" element. <defaultProxy enabled="true|false" useDefaultCredentials="true|false" <bypasslist> … </bypasslist> <proxy> … </proxy> <module> … </module> /> If the "defaultProxy" setting "enabled=false" or if the "bypasslist", "module", or "proxy" child elements have configuration entries and there are no documented approvals from the authorizing official (AO), this is a finding. If the "defaultProxy" element is empty or if "useSystemDefault =True” then the framework is using default browser settings, this is not a finding.
Fix Text
Open Windows explorer and search for all "*.exe.config" and "machine.config" files. Search each file for the "defaultProxy" element. Clear the values contained in the "defaultProxy" element, and the "bypasslist", "module", and "proxy" child elements. The IAO must provide documented approvals of any non-default proxy servers.