The FTP daemon must not be installed unless required.
Overview
| Finding ID |
Version |
Rule ID |
IA Controls |
Severity |
| V-216055 |
SOL-11.1-020130 |
SV-216055r959010_rule |
|
High |
| Description |
| FTP is an insecure protocol. |
Details
| Check Text (C-17293r372547_chk) |
Determine if the FTP package is installed.
# pkg list service/network/ftp
If an installed package named "service/network/ftp" is listed and not required for operations, this is a finding. |
| Fix Text (F-17291r372548_fix) |
The Software Installation Profile is required.
# pfexec pkg uninstall service/network/ftp |