Any active TFTP daemon must be authorized and approved in the system accreditation package.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-4695 | GEN005140 | SV-28423r1_rule | DCSW-1 | High |
| Description |
|---|
| TFTP is a file transfer protocol often used by embedded systems to obtain configuration data or software. The service is unencrypted and does not require authentication of requests. Data available using this service may be subject to unauthorized access or interception. |
| STIG | Date |
|---|---|
| Solaris 10 SPARC Security Technical Implementation Guide | 2014-04-04 |
Details
| Check Text ( C-28689r1_chk ) |
|---|
| Determine if the TFTP daemon is active. # svcs svc:/network/tftp/* If TFTP is found enabled, it is a finding if it is not documented using site-defined procedures. |
| Fix Text (F-25718r1_fix) |
|---|
| Disable the TFTP daemon. # svcadm disable svc:/network/tftp/* # svcadm refresh inetd If TFTP is found enabled, it is a finding if it is not documented. |