UCF STIG Viewer Logo

Any active TFTP daemon must be authorized and approved in the system accreditation package.


Overview

Finding ID Version Rule ID IA Controls Severity
V-4695 GEN005140 SV-38440r1_rule DCSW-1 High
Description
TFTP is a file transfer protocol often used by embedded systems to obtain configuration data or software. The service is unencrypted and does not require authentication of requests. Data available using this service may be subject to unauthorized access or interception.
STIG Date
HP-UX 11.31 Security Technical Implementation Guide 2018-09-14

Details

Check Text ( C-36597r1_chk )
Determine if the TFTP daemon is active.
# grep -v "^#" /etc/inetd.conf |grep tftp

If TFTP is enabled, it is a finding if it is not documented by site-defined procedures.
Fix Text (F-31963r1_fix)
Disable the TFTP daemon.
Edit /etc/inetd.conf and comment out the tftp line. Restart the inetd service via the command:
# inetd -c