UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The system must not run Samba unless needed.


Overview

Finding ID Version Rule ID IA Controls Severity
V-4321 GEN006060 SV-46129r1_rule DCPD-1 ECSC-1 Medium
Description
Samba is a tool used for the sharing of files and printers between Windows and UNIX operating systems. It provides access to sensitive files and, therefore, poses a security risk if compromised.
STIG Date
SUSE Linux Enterprise Server v11 for System z 2015-01-26

Details

Check Text ( C-43388r1_chk )
Check the system for a running Samba server.

Procedure:
# ps -ef |grep smbd

If the Samba server is running, ask the SA if the Samba server is operationally required. If it is not, this is a finding.
Fix Text (F-39471r1_fix)
If there is no functional need for Samba and the daemon is running, disable the daemon by killing the process ID as noted from the output of ps -ef |grep smbd. The samba package should also be removed or not installed if there is no functional requirement.

Procedure:
rpm -qa |grep samba

This will show if "samba" is installed. Packages that start with “yast2-samba” are NOT part of the Samba software suite. To remove:

rpm -e samba
SuSEconfig