The FTPS/FTP service on the system must be configured with the Department of Defense (DoD) login banner.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-218079 | RHEL-06-000348 | SV-218079r505923_rule | Medium |
| Description |
|---|
| This setting will cause the system greeting banner to be used for FTP connections as well. |
| STIG | Date |
|---|---|
| Red Hat Enterprise Linux 6 Security Technical Implementation Guide | 2020-09-03 |
Details
| Check Text ( C-19560r377252_chk ) |
|---|
| Verify the "vsftpd" package is installed: # rpm -qa | grep -i vsftpd vsftpd-3.0.2-22.e16.x86_64 If the "vsftpd" package is not installed, this is Not Applicable. To verify this configuration, run the following command: grep "banner_file" /etc/vsftpd/vsftpd.conf The output should show the value of "banner_file" is set to "/etc/issue", an example of which is shown below. # grep "banner_file" /etc/vsftpd/vsftpd.conf banner_file=/etc/issue If it does not, this is a finding. |
| Fix Text (F-19558r377253_fix) |
|---|
| Edit the vsftpd configuration file, which resides at "/etc/vsftpd/vsftpd.conf" by default. Add or correct the following configuration options. banner_file=/etc/issue Restart the vsftpd daemon. # service vsftpd restart |