SV-216121r603268_rule
V-216121
SRG-OS-000480
SOL-11.1-040400
CAT II
10
The root role is required.
Determine if the FTP server package is installed:
# pkg list service/network/ftp
If the output of this command is:
pkg list: no packages matching 'service/network/ftp' installed
no further action is required.
# for user in `logins -s | awk '{ print $1 }'` \
aiuser noaccess nobody nobody4; do
echo "$user" >> /etc/ftpd/ftpusers
done
# sort -u /etc/ftpd/ftpusers > /etc/ftpd/ftpusers.temp
# mv /etc/ftpd/ftpusers.temp /etc/ftpd/ftpusers
The root role is required.
Determine if the FTP server package is installed:
# pkg list service/network/ftp
If the output of this command is:
pkg list: no packages matching 'service/network/ftp' installed
no further action is required.
If the FTP server is installed, determine if FTP access is restricted.
# for user in `logins -s | awk '{ print $1 }'` \
aiuser noaccess nobody nobody4; do
grep -w "${user}" /etc/ftpd/ftpusers >/dev/null 2>&1
if [ $? != 0 ]; then
echo "User '${user}' not in /etc/ftpd/ftpusers."
fi
done
If output is returned, this is a finding.
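The check above uses grep -w, which treats "-", "#" and spaces as word boundaries, so an entry such as "root-backup" or a commented-out "# daemon" counts as a match. The following added example (not part of the STIG text) puts that test beside a whole-line match; the function names and the sample file contents are constructed for illustration, and it assumes /etc/ftpd/ftpusers holds one account name per line.

```shell
#!/bin/sh
# Added example: compare the page's "grep -w" membership test with an
# exact whole-line test. Function names are hypothetical.

# missing_word FILE USER...
# Prints each USER that the page's grep -w check reports as absent.
missing_word() {
    file=$1
    shift
    for user in "$@"; do
        grep -w -- "$user" "$file" >/dev/null 2>&1 || echo "$user"
    done
}

# missing_exact FILE USER...
# Prints each USER with no line in FILE that equals the name exactly
# (-F fixed string, -x whole line). An unreadable FILE reports every user.
missing_exact() {
    file=$1
    shift
    for user in "$@"; do
        grep -Fxq -- "$user" "$file" 2>/dev/null || echo "$user"
    done
}

# Demonstration on a constructed file: "root-backup" and "# daemon" pass
# the -w test for root and daemon even though neither account is listed.
demo() {
    tmp=$(mktemp) || return 1
    printf '%s\n' 'root-backup' '# daemon' 'nobody4' > "$tmp"
    echo "grep -w reports missing:  $(missing_word "$tmp" root daemon nobody nobody4 | tr '\n' ' ')"
    echo "exact match reports missing: $(missing_exact "$tmp" root daemon nobody nobody4 | tr '\n' ' ')"
    rm -f "$tmp"
}
```

On Solaris, the user list would come from the same `logins -s | awk '{ print $1 }'` pipeline the check uses, passed as arguments after the file name.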