FTP servers must be configured to prevent access to the system drive.


Overview

Finding ID: WN12-GE-000027
Version: WN12-GE-000027
Rule ID: WN12-GE-000027_rule
IA Controls:
Severity: High

Description
The FTP service allows remote users to access shared files and directories, which could provide access to system resources and compromise the system, especially if the user can gain access to the root directory of the boot drive.

STIG: Microsoft Windows Server 2012 Domain Controller Security Technical Implementation Guide
Date: 2013-07-25

Details

Check Text (C-WN12-GE-000027_chk)
If FTP is not installed on the system, this is NA.

Open a "Command Prompt".
Log on using an authenticated FTP account, and attempt to access the root of the boot drive with the following commands:

X:\>ftp 127.0.0.1
(Connected to "servername".
220 "servername" Microsoft FTP Service (Version 2.0).)

User: "ftpuser"
(331 Password required for ftpuser.)

Password: "password"
(230 User ftpuser logged in.)

ftp> dir

If the FTP session indicates access to areas of the operating system such as Program Files and Windows directories, this is a finding.
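
The manual check above, automated as an added example (not part of the STIG): it logs on with an authenticated FTP account, lists the directory it lands in, and flags operating-system directories in either listing style. The function names, the two extra directory names and the sample listing are assumptions made for this example.

```python
import re
from ftplib import FTP, all_errors

# First two names are from the check text; the last two are assumptions.
SYSTEM_DIR_NAMES = {"program files", "windows", "program files (x86)", "programdata"}
# The server may answer LIST in MS-DOS or UNIX style; both are parsed.
DOS_LINE = re.compile(r"^\d{2}-\d{2}-\d{2,4}\s+\d{2}:\d{2}(?:AM|PM)\s+(<DIR>|\d+)\s+(.+)$")
UNIX_LINE = re.compile(
    r"^([dl-])[rwxsStT-]{9}\s+\d+\s+\S+\s+\S+\s+\d+\s+\w{3}\s+\d{1,2}\s+[\d:]{4,5}\s+(.+)$")

def exposed_system_dirs(listing_lines):
    """Return the sorted operating-system directory names visible in a LIST reply."""
    found = set()
    for line in listing_lines:
        m = DOS_LINE.match(line.strip())
        if m:
            is_dir, name = m.group(1) == "<DIR>", m.group(2)
        else:
            m = UNIX_LINE.match(line.strip())
            if not m:
                continue  # status text, totals line, or unknown format
            is_dir, name = m.group(1) == "d", m.group(2)
        if is_dir and name.lower() in SYSTEM_DIR_NAMES:
            found.add(name)
    return sorted(found)

def check_ftp_root(host, user, password, timeout=10):
    """Log on, run the equivalent of 'dir', return (status, matching directories)."""
    lines = []
    try:
        with FTP(host, timeout=timeout) as ftp:
            ftp.login(user, password)
            ftp.retrlines("LIST", lines.append)
    except all_errors as exc:
        # A failed session is not proof that FTP is absent, so NA is not reported.
        return ("UNDETERMINED: %s" % exc, [])
    dirs = exposed_system_dirs(lines)
    return ("FINDING" if dirs else "NOT A FINDING", dirs)

# Constructed sample listing (not captured from a real server).
SAMPLE_DOS = [
    "07-25-13  10:15AM       <DIR>          Program Files",
    "07-25-13  10:15AM       <DIR>          Windows",
    "07-25-13  10:16AM                 1024 windows",
]

if __name__ == "__main__":
    print(exposed_system_dirs(SAMPLE_DOS))
```

Run `check_ftp_root("127.0.0.1", user, password)` on the server itself with the same authenticated FTP account the check text uses; an `UNDETERMINED` result needs the manual check.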

Fix Text (F-WN12-GE-000027_fix)
Configure the system to prevent an FTP service from allowing access to the system drive.