Terminal Services are considered to be "medium risk" in beSECURE for the following reasons:
- Terminal Services should not be available on external IP addresses, and medium risks on external-facing IP addresses are issues you must fix. However, it's perfectly acceptable to have a medium risk on internal IP addresses if the policy of your organization will allow it (high risks are not, though).
- Medium risks, especially for internal IP's, are not necessarily critical vulnerabilities that need to be fixed; they are issues we want you to acknowledge. If they were critical, they would be high risk. If they were negligible, they would be low. Terminal Services is neither.
- Guessing a valid username and password (possibly using another vulnerability present) gives you complete control over the system. Unlike file sharing and other logins, Terminal Services gives you full and unrestricted control remotely.
You may find medium risk vulnerabilities that you want to ignore (that is, you have understood the issue and it does not apply to your organization). To ignore an issue, do the following:
- Log in to beSECURE.
- In the upper-left corner of the Home page, select DevOps.
- Select the Vulnerabilities Summary page.
- Select the checkbox next to the vulnerabilities you want to ignore.
- Select Mass Ticket Creation.
- Change the state to Ignore.
- Optionally, enter a comment explaining why these vulnerabilities were ignored.
- Select Create.
The vulnerabilities will no longer appear in the report and summary and will not affect the score. If you remove the Ignore state or search for these issues specifically (for example, to see the list of machines that have Terminal Services) you can explicitly search for each issue.