This is not the latest version of the STIG. This is provided for archival purposes. See the latest STIG.

Windows 11 must not have portproxy enabled or in use.

STIG ID: WN11-00-000395  |  SRG: SRG-OS-000480-GPOS-00227 |  Severity: medium (CAT II)  |  CCI: CCI-000381 |  Vulnerability Id: V-257592

Vulnerability Discussion

Having portproxy enabled or configured in Windows 10 could allow a man-in-the-middle attack.

Check

Check the registry key for the existence of proxied ports:
HKLM\SYSTEM\CurrentControlSet\Services\PortProxy\.

If the key contains v4tov4\tcp\, or v4tov4\tcp\ is populated, this is a finding.

Run "netsh interface portproxy show all".

If the command displays any results, this is a finding.
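
The two checks above combined into one PowerShell audit, as an added example that is not part of the STIG text. The variable names and the report layout are this example's own; the registry path and the netsh command are the ones given in the check.

```powershell
# Added example: audit for WN11-00-000395 (portproxy must not be configured).
# Reads only; it changes nothing on the system.
$root   = 'HKLM:\SYSTEM\CurrentControlSet\Services\PortProxy'
$tcpKey = Join-Path $root 'v4tov4\tcp'

$keyExists = Test-Path -LiteralPath $tcpKey
$rules     = @()

if ($keyExists) {
    # Each configured rule is a value under v4tov4\tcp. netsh writes the
    # value name as "listenaddress/listenport" and the data as
    # "connectaddress/connectport", so both are reported as stored.
    $key   = Get-Item -LiteralPath $tcpKey
    $rules = @(foreach ($name in $key.GetValueNames()) {
        [pscustomobject]@{
            Listen  = $name
            Connect = $key.GetValue($name)
        }
    })
}

# Second check: the STIG treats any output from this command as a finding,
# so every non-blank line is kept rather than parsed.
$netshLines = @(netsh.exe interface portproxy show all |
    Where-Object { "$_".Trim() })

# Finding if the key exists (even when empty) or netsh lists anything.
$isFinding = $keyExists -or ($netshLines.Count -gt 0)

[pscustomobject]@{
    StigId        = 'WN11-00-000395'
    RegistryKey   = $tcpKey
    KeyExists     = $keyExists
    RegistryRules = $rules.Count
    NetshLines    = $netshLines.Count
    Finding       = $isFinding
} | Format-List

if ($rules.Count -gt 0) {
    'Rules found in the registry:'
    $rules | Format-Table -AutoSize
}
if ($netshLines.Count -gt 0) {
    'Output of "netsh interface portproxy show all":'
    $netshLines
}
```

A mismatch between the two sources (rules in the registry that netsh does not list, or the reverse) is worth recording alongside the finding, since it indicates the configuration was not written through netsh.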

Fix

Contact the Administrator to run "netsh interface portproxy delete" with elevation. Remove any enabled portproxies that may be configured.