Authorized ICF/ICS exposed services (Windows)

Module: Network Integrity

Supported Platforms: Windows 2003, Windows 2008, Windows Vista, Windows XP

This check reports unauthorized local services that are accessible to external users through Internet Connection Firewall/Sharing. To authorize a service to be exposed to external users, enter its information in an "Authorized Services" template and enable that template. All other exposed services will be reported as policy violations. This information is currently not available on Itanium based systems.

The following table lists the error message for the check.

Table: Error message for Authorized ICF/ICS exposed services

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information

String ID: ESM_ICS_EXPOSURE_VIOLATION

Category: Change Notification

  • Windows 2003 (206367)

  • Windows 2008 (249367)

  • Windows Vista (229366)

  • Windows XP (201366)

Title: Unauthorized exposure of a network or host service

Description:An unauthorized network or host service is accessable to external users through the Windows Internet Connection Firewall/Sharing service. You should disable the exposed service or enter its information in an "Authorized Services" template and enable that template.

Severity: yellow-3

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]