Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-12049 | GEN003865 | SV-45811r1_rule | Medium |
Description |
---|
Network analysis tools allow for the capture of network traffic visible to the system. |
STIG | Date |
---|---|
SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide | 2018-09-19 |
Check Text ( C-43132r1_chk ) |
---|
Determine if any network analysis tools are installed. Procedure: # find / -name ethereal # find / -name wireshark # find / -name tshark # find / -name netcat # find / -name tcpdump # find / -name snoop If any network analysis tools are found, this is a finding. |
Fix Text (F-39201r1_fix) |
---|
Remove each network analysis tool binary from the system. Remove package items with a package manager, others remove the binary directly. Procedure: Find the binary file: # find / -name Find the package, if any, to which it belongs: # rpm -qf Remove the package if it does not also include other software: # rpm -e # SuSEconfig If the item to be removed is not in a package, or the entire package cannot be removed because of other software it provides, remove the item's binary file. # rm |