The system must not run Samba unless needed.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-4321	GEN006060	SV-64125r1_rule		Medium

Description
Samba is a tool used for the sharing of files and printers between Windows and UNIX operating systems. It provides access to sensitive files and, therefore, poses a security risk if compromised.

STIG	Date
Oracle Linux 5 Security Technical Implementation Guide	2020-02-25

Details

Check Text ( C-52577r1_chk )
Check the system for a running Samba server. Procedure: # ps -ef \|grep smbd If the Samba server is running, ask the SA if the Samba server is operationally required. If it is not, this is a finding.

Fix Text (F-54689r1_fix)
If there is no functional need for Samba and the daemon is running, disable the daemon by killing the process ID as noted from the output of ps -ef \|grep smbd. The samba package should also be removed or not installed if there is no functional requirement. Procedure: rpm -qa \|grep samba This will show whether "samba" or "samba3x" is installed. To remove: rpm --erase samba or rpm --erase samba3x

Fix Text (F-54689r1_fix)

If there is no functional need for Samba and the daemon is running, disable the daemon by killing the process ID as noted from the output of ps -ef |grep smbd. The samba package should also be removed or not installed if there is no functional requirement.

Procedure:
rpm -qa |grep samba

This will show whether "samba" or "samba3x" is installed. To remove:

rpm --erase samba
or
rpm --erase samba3x