
Network analysis tools must not be installed.


Overview

Finding ID: V-12049
Version: GEN003865
Rule ID: SV-45811r1_rule
IA Controls:
Severity: Medium
Description
Network analysis tools allow for the capture of network traffic visible to the system.
STIG: SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide
Date: 2018-09-19

Details

Check Text (C-43132r1_chk)
Determine if any network analysis tools are installed.

Procedure:
# find / -name ethereal
# find / -name wireshark
# find / -name tshark
# find / -name netcat
# find / -name tcpdump
# find / -name snoop

If any network analysis tools are found, this is a finding.
Fix Text (F-39201r1_fix)
Remove each network analysis tool binary from the system. If the binary belongs to a package, remove it with the package manager; otherwise, remove the binary file directly.

Procedure:

Find the binary file:
# find / -name <tool name>

Find the package, if any, to which it belongs:
# rpm -qf <binary file>

Remove the package if it does not also include other software:
# rpm -e <package name>
# SuSEconfig


If the item to be removed is not in a package, or the entire package cannot be removed because of other software it provides, remove the item's binary file.
# rm <binary file>
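
The check and the package lookup from the fix procedure can be combined into one pass. The script below is an added example, not part of the STIG text; the function names (find_net_tools, owner_of, audit) are made up for illustration. Run it with the directory to scan as its argument (for example /); it exits non-zero when there is a finding.

```sh
#!/bin/sh
# Added example for GEN003865: one scan for all six names in the check text,
# plus the owning RPM package so the reviewer knows whether the fix is
# "rpm -e" or "rm".
TOOLS="ethereal wireshark tshark netcat tcpdump snoop"

# find_net_tools ROOT: print every path under ROOT named after a listed tool.
# Builds a single find expression: -name a -o -name b ...
find_net_tools() {
    root=$1
    set --
    for t in $TOOLS; do
        if [ $# -gt 0 ]; then set -- "$@" -o; fi
        set -- "$@" -name "$t"
    done
    # Unreadable directories are skipped rather than aborting the scan.
    find "$root" \( "$@" \) -print 2>/dev/null || true
}

# owner_of PATH: print the owning package, or "unpackaged" when rpm is
# missing or the file is not owned by any package.
owner_of() {
    if command -v rpm >/dev/null 2>&1 && pkg=$(rpm -qf "$1" 2>/dev/null); then
        printf '%s\n' "$pkg"
    else
        printf 'unpackaged\n'
    fi
}

# audit ROOT: list findings; return 1 if any tool was found, 0 otherwise.
audit() {
    hits=$(find_net_tools "$1")
    if [ -z "$hits" ]; then
        echo "GEN003865: no network analysis tools found under $1"
        return 0
    fi
    printf '%s\n' "$hits" | while IFS= read -r p; do
        printf 'FINDING %s (%s)\n' "$p" "$(owner_of "$p")"
    done
    return 1
}

# Only scan when a root directory is given on the command line.
if [ $# -gt 0 ]; then
    audit "$1"
fi
```

Like the find commands in the check text, this matches on file name only, so a renamed binary is not detected and a directory with a matching name is reported as well.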