UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The IBM z/VM TCP/IP ANONYMOU statement must not be coded in FTP configuration.


Overview

Finding ID Version Rule ID IA Controls Severity
V-237921 IBMZ-VM-000680 SV-237921r649603_rule Medium
Description
Operating systems utilizing encryption are required to use FIPS-compliant mechanisms for authenticating to cryptographic modules.
STIG Date
IBM zVM Using CA VM:Secure Security Technical Implementation Guide 2021-06-16

Details

Check Text ( C-41131r649601_chk )
If there is no FTP Server active, this is not applicable.

Examine the “DTCPARMS” file for each active FTP server.

If there is “:ANONYMOUS” or “:ANONYMOU” statement, this is a finding.

Examine the “SRVRFTP” command.

If “ANONYMOU” is coded, this is a finding.
Fix Text (F-41090r649602_fix)
Ensure the “:ANONYMOUS” or “:ANONYMOU” statement is not coded in the “DTCPARMS” or “SRVRFTP” command.