STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:

AIX ftpd daemon must not be running.

DISA Rule

SV-215259r508663_rule

Vulnerability Number

V-215259

Group Title

SRG-OS-000074-GPOS-00042

Rule Version

AIX7-00-002060

Severity

CAT I

CCI(s)

• CCI-000197 - The information system, for password-based authentication, transmits only cryptographically-protected passwords.

Weight

10

Fix Recommendation

Disable "ftp" daemon entry in "/etc/inetd.conf" using command:
# chsubserver -r inetd -C /etc/inetd.conf -d -v 'ftp' -p 'tcp6'

Reload the inetd process:
# refresh -s inetd

Check Contents

Determine if the "ftp" daemon is running by running the following command:
# grep "^ftp[[:blank:]]" /etc/inetd.conf

If an entry is returned like the following line, the "ftp" daemon is running:
ftp stream tcp6 nowait root /usr/sbin/ftpd ftpd

If the above grep command returned a line that contains "ftpd", this is a finding.

Vulnerability Number

V-215259

Documentable

False

Rule Version

AIX7-00-002060

Severity Override Guidance

Determine if the "ftp" daemon is running by running the following command:
# grep "^ftp[[:blank:]]" /etc/inetd.conf

If an entry is returned like the following line, the "ftp" daemon is running:
ftp stream tcp6 nowait root /usr/sbin/ftpd ftpd

If the above grep command returned a line that contains "ftpd", this is a finding.

Check Content Reference

M

Target Key

4012

Comments