Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Any active TFTP daemon must be authorized and approved in the system accreditation package.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-4695 | GEN005140 | SV-45909r1_rule | High |
| Description |
|---|
| TFTP is a file transfer protocol often used by embedded systems to obtain configuration data or software. The service is unencrypted and does not require authentication of requests. Data available using this service may be subject to unauthorized access or interception. |
| STIG | Date |
|---|---|
| SUSE Linux Enterprise Server v11 for System z | 2016-12-20 |
Details
| Check Text ( C-43217r1_chk ) |
|---|
| Determine if the TFTP daemon is active. # chkconfig --list | grep tftp Or # chkconfig tftp If TFTP is found enabled and not documented using site-defined procedures, it is a finding. |
| Fix Text (F-39288r1_fix) |
|---|
| Document or Disable the TFTP daemon. If the TFTP daemon is necessary on the system, document and justify its usage for approval from the IAO. If the TFTP daemon is not necessary on the system, turn it off. # chkconfig tftp off # service xinetd restart |