UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The FTPS/FTP service on the system must be configured with the Department of Defense (DoD) login banner.


Overview

Finding ID Version Rule ID IA Controls Severity
V-50641 OL6-00-000348 SV-64847r3_rule Medium
Description
This setting will cause the system greeting banner to be used for FTP connections as well.
STIG Date
Oracle Linux 6 Security Technical Implementation Guide 2019-10-01

Details

Check Text ( C-53147r2_chk )
Verify the "vsftpd" package is installed:

# rpm -qa | grep -i vsftpd
vsftpd-3.0.2-22.e16.x86_64

If the "vsftpd" package is not installed, this is Not Applicable.

To verify this configuration, run the following command:

grep "banner_file" /etc/vsftpd/vsftpd.conf

The output should show the value of "banner_file" is set to "/etc/issue", an example of which is shown below.

# grep "banner_file" /etc/vsftpd/vsftpd.conf
banner_file=/etc/issue

If it does not, this is a finding.
Fix Text (F-56027r2_fix)
Edit the vsftpd configuration file, which resides at "/etc/vsftpd/vsftpd.conf" by default.

Add or correct the following configuration options.

banner_file=/etc/issue

Restart the vsftpd daemon.

# service vsftpd restart